AuraOne

Compliance & Certifications

Effective Date: October 9, 2025 | Last Updated: October 9, 2025

AuraOne keeps compliance, security, and regulatory work straightforward. Automated evidence, hardened controls, and full audit trails help teams meet obligations across industries and regions without building the plumbing themselves.

Compliance is engineered into the platform. Continuous monitoring, real-time reporting, and ready-to-share documentation speed up certifications for safety-critical AI deployments.

Certifications & Standards

SOC 2 Type II

Certified

Annual third-party audits verify our security, availability, and confidentiality controls.

ISO 27001

Certified

International standard for information security management systems (ISMS).

GDPR

Compliant

Full compliance with EU General Data Protection Regulation including data residency.

HIPAA

Ready

Business Associate Agreement (BAA) available for healthcare customers.

CCPA/CPRA

Compliant

California Consumer Privacy Act and California Privacy Rights Act compliance.

EU AI Act

Ready

Automated technical file generation and compliance documentation for AI systems.

01. Our Compliance Commitment

AuraOne treats compliance as a shared responsibility. We provide platform-level controls, automated evidence generation, and continuous monitoring.

  • Platform ControlsSecurity features, encryption, and audit logging built-in.
  • Automated EvidenceArtifacts and documentation produced automatically.
  • Continuous MonitoringReal-time dashboards and automated alerts.
  • Expert SupportDedicated compliance team for audits.

02. GDPR Compliance

Legal Basis & Processing

  • • Data Processing Addendum (DPA) with SCCs
  • • Clear controller/processor roles
  • • Lawful basis identification
  • • Purpose limitation enforced

Rights Support

  • • Automated Subject Access Requests (SAR)
  • • Secure deletion workflows
  • • Self-service data correction
  • • Standardized data portability

EU AI Act Compliance

Automated Technical Documentation

Automated generation of technical files required by Annex IV, including system description, development process, and validation data.

Article 11 Tech DocsArticle 9 Risk Mgmt

Risk & Governance

Comprehensive risk assessment frameworks, data governance documentation (Article 10), and accuracy/robustness metrics (Article 15).

Bias DetectionRobustness Testing

EU AI Act Compliance Pack

One-click generation of conformity assessments and post-market reports.

Request Access →

10. Data Residency

United States

  • US East (VA)
  • US West (OR)
  • US Central (IA)

European Union

  • Frankfurt
  • Ireland
  • Paris

United Kingdom

  • London

Asia Pacific

  • Singapore
  • Tokyo
  • Sydney

Compliance Inquiries

General Compliance

Audit reports & questions

compliance@auraone.ai

Data Protection Officer

GDPR/Privacy

dpo@auraone.ai

HIPAA Compliance

BAA Requests

hipaa@auraone.ai

EU AI Act Support

Regulation help

eu-ai-act@auraone.ai

Shared Responsibility Model

Compliance outcomes depend on configuration. AuraOne provides secure infrastructure and controls, but customers are responsible for their specific model validations, policies, and product-level certifications (e.g., FDA).