Assurance, applied to ourselves.
Arclave exists to make decisions provable — complete, consistent, grounded, governed, and on the record. We hold our own company to the same standard. This is where we show our work: how we secure your data, how we handle it, and the published science behind exactly what Arclave does and does not claim.
This page separates what is live today from what is on our roadmap. An assurance company does not get to overclaim its own assurance. Where a control is planned rather than operating, we mark it On the roadmap and say so plainly.
How we protect the platform.
The Decision Console is a login-protected web service. The practices below are in force today.
Encryption in transit and at rest
Every connection is served over HTTPS/TLS; application data and the decision ledger sit on managed infrastructure with encryption at rest.
Authentication
Passwords are hashed (never stored in plaintext); sessions are signed and time-boxed; sign-in is throttled and locks out after repeated failures.
Tamper-evident records
Every exported assurance record carries a SHA-256 verification hash over its canonical content, so a record can be proven unaltered.
Append-only audit trail
The Decision Ledger is an immutable system of record of who decided what, when, and on what evidence.
Underway, and labeled honestly.
SOC 2 Type II — independent examination of our controls; the report and bridge letter will be posted here when complete. Third-party penetration test — summary letter to be published here. Single sign-on (SAML / OIDC) and SCIM — for charter and enterprise tenants. None of these is claimed as complete; each ships to this page when it is real.
What we hold, and what we do with it.
Arclave reasons over architecture-decision submissions and records the verdicts. We treat that record as yours.
What we store
The decision submissions you review and the resulting verdicts, findings, and rationale — the Decision Ledger. The current charter preview runs on synthetic data only.
Retention & deletion
On termination, anonymized aggregates are retained; raw client decisions are deleted, with a full-purge option — mirroring the Charter Design-Partner terms.
Ownership
Your decisions and their records are your data. Arclave does not sell customer data and does not use your decisions to train shared models.
Sub-processors
A managed cloud host provides compute, encrypted storage, and TLS. A complete, versioned sub-processor list will be published here. (On the roadmap.)
Data residency
Single region today. Region choice and customer-cloud or on-premises deployment for enterprise tenants. (On the roadmap.)
Your paperwork
A Data Processing Addendum and a completed security questionnaire are available to charter prospects on request.
We tested ourselves, and published the result.
Most AI vendors ask you to take their capability on faith. We pre-registered ours as a falsifiable experiment — and reported what happened, including the part that did not go our way. We pre-registered the hypothesis that a board of AI agents decides better than a strong single expert. Across seven exploratory regimes, it was disconfirmed. So Arclave makes the narrower, honest claim: it provides assurance — not an oracle that out-decides your experts. The accountable human keeps decision control; Arclave makes the decision defensible.
Publishing a disconfirming result about our own product is the strongest trust signal we own. It is the principle the whole company is built on: somebody must audit the auditor.
Pre-registered on the Open Science Framework (OSF) · Digital Object Identifier (DOI): 10.17605/OSF.IO/ZWM3S
What Arclave does — and what it does not.
Precision about scope is itself an assurance practice. We state the limits plainly.
Arclave does
- Review every decision against your standards, completely and consistently.
- Cite the evidence behind every finding.
- Record an immutable, exportable, tamper-evident assurance record.
- Escalate genuine ambiguity to the accountable human.
Arclave does not
- Make the decision for you, or replace accountable humans.
- Promise perfection — assurance is reasonable, not absolute.
- Claim hallucination is eliminated; it is made visible and verified down, not erased.
- Operate above advisory autonomy without your explicit, earned consent.
The mechanics, in the open.
Governance-as-code
Inviolable rules are enforced deterministically on every review — hallucination-proof by construction, and no single agent or model can relax them.
Evidence-cited findings
Every concern must quote verifiable evidence from the submission; ungrounded findings are dropped, not surfaced.
The verification hash
A SHA-256 fingerprint on every assurance record makes it tamper-evident for an auditor or regulator.
The human above the loop
Arclave runs at advisory autonomy; decision authority is earned over time, never assumed.
Who assures the assurer.
A standard is only as trustworthy as its independence. The Decision Assurance Levels are an open specification — published, not proprietary — and the Decision Assurance Council is a vendor-neutral body that stewards the discipline, with independence safeguards in its charter so the standard is not captured by any single vendor, including us.
Talk to us.
Security researchers, procurement teams, and prospective charter members are all welcome. Reach our security contact at security@arclave.com, or start a charter conversation for a DPA and our security questionnaire.