At a glance
Pintle is built for buyers whose security teams pre-approve every vendor. We’ve designed the platform — and our company — for the questions you’re already asking.
| Area | Posture |
|---|---|
| SOC 2 Type II | In progress; annual audit cycle |
| ISO/IEC 27001 | In progress |
| NIST AI RMF | Controls mapped (Govern, Map, Measure, Manage) |
| EU AI Act | Risk classification & obligations documented |
| Data residency | EU and US regions; single-tenant available |
| Encryption | TLS 1.3 in transit; AES-256 at rest; KMS-managed keys |
Status reflects current posture; updated each quarter. Attestation reports and security questionnaires are available under NDA — contact us.
Data handling
- No training on customer data. Customer prompts, completions, and tool inputs are never used to train Pintle’s models or any third-party model we route to.
- Configurable retention. Hot retention defaults to 30 days; cold retention defaults to 7 years for regulated industries. Both are configurable per workspace.
- Sub-processor transparency. A live list of every sub-processor (model providers, infrastructure, observability) is published and version-controlled. You’re notified before we add a new one.
- Regional pinning. Customer data stays in the region you select. Cross-region replication is opt-in.
Model governance
Pintle Control is the single chokepoint for every model call made on the platform. That means:
- Per-team allow-lists. Each team can use a specific set of models; nothing else routes.
- Per-data-class rules. Sensitive data classes (PII, PCI, PHI) can only flow to models that meet the corresponding compliance posture.
- Evals as guardrails. You can require evaluation pass rates before a flow is promoted to production.
- Drift detection. Production traffic is sampled and re-scored continuously; alerts fire when scores regress.
Audit trail
Pintle Insights records every prompt, tool call, decision, and policy evaluation as a signed event in an append-only ledger. The ledger is:
- Tamper-evident. SHA-256 chaining detects any modification.
- Identity-attributed. Every event carries the verified identity of the user, agent, or service account that initiated it.
- Exportable. Stream into your existing SIEM (Splunk, Datadog) or warehouse (Snowflake, BigQuery, S3).
- Framework-mapped. Pre-built views align to SOC 2, ISO 27001, NIST AI RMF, and EU AI Act control families.
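As an added illustration (not Pintle's code or event format), the sketch below shows how SHA-256 chaining plus a per-event signature makes an append-only ledger tamper-evident: each event commits to the hash of the one before it, so editing, reordering or deleting a past event breaks verification. The event fields, the signing key and the sample events are all constructed for this example.

```python
import hashlib
import hmac
import json

SIGNING_KEY = b"constructed-demo-key"   # constructed; a real deployment uses a KMS-held key
GENESIS = "0" * 64                       # prev_hash of the first event
FIELDS = ("seq", "actor", "kind", "payload", "prev_hash")

def canonical(obj):
    """Deterministic JSON so the same event always hashes the same way."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()

class Ledger:
    def __init__(self):
        self.events = []

    def append(self, actor, kind, payload):
        prev_hash = self.events[-1]["hash"] if self.events else GENESIS
        body = {"seq": len(self.events), "actor": actor, "kind": kind,
                "payload": payload, "prev_hash": prev_hash}
        digest = hashlib.sha256(canonical(body)).hexdigest()
        sig = hmac.new(SIGNING_KEY, digest.encode(), hashlib.sha256).hexdigest()
        event = dict(body, hash=digest, sig=sig)
        self.events.append(event)
        return event

    def verify(self):
        """Return (True, None) if intact, else (False, index of first bad event)."""
        prev_hash = GENESIS
        for i, ev in enumerate(self.events):
            body = {k: ev[k] for k in FIELDS}
            if ev["seq"] != i or ev["prev_hash"] != prev_hash:   # gap, reorder, deletion
                return False, i
            if hashlib.sha256(canonical(body)).hexdigest() != ev["hash"]:   # edited content
                return False, i
            expected = hmac.new(SIGNING_KEY, ev["hash"].encode(), hashlib.sha256).hexdigest()
            if not hmac.compare_digest(expected, ev["sig"]):   # re-hashed without the key
                return False, i
            prev_hash = ev["hash"]
        return True, None

def demo():
    ledger = Ledger()   # constructed sample events: prompt, tool call, policy decision
    ledger.append("alice@example.com", "prompt", {"model": "m-1", "text": "summarise Q3"})
    ledger.append("agent:billing", "tool_call", {"tool": "crm.lookup", "args": {"id": 42}})
    ledger.append("agent:billing", "policy_eval", {"rule": "pii-routing", "result": "allow"})
    ok_before, _ = ledger.verify()
    ledger.events[1]["payload"]["args"]["id"] = 99   # constructed tampering with a past event
    ok_after, bad = ledger.verify()
    return ok_before, ok_after, bad
```

Chain verification catches edits, reordering and deletion of past events but not truncation of the newest ones; anchoring the latest hash outside the ledger, for instance in the exported SIEM stream, closes that gap.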
Identity & access
- Federated SSO. Okta, Azure AD, Google Workspace, plus any standard OIDC or SAML provider.
- Scoped service identities. Each agent runs under a service identity with narrowly scoped permissions and short-lived tokens (default 15 min).
- Least-privilege defaults. New workspaces start locked down; access is granted explicitly.
- Break-glass workflow. Emergency elevation paths are themselves audited, time-bound, and reviewed.
Responsible disclosure
If you’ve found a vulnerability, please email us at security@pintle.ai. We respond within one business day and aim for a fix or mitigation within seven days for high-severity issues. We don’t yet operate a public bug bounty; please don’t publish before we’ve had time to remediate.
Talk to us
Detailed control mappings, penetration test summaries, and security questionnaires are available under NDA. Get in touch.