Security overview
Security and data-handling overview
PublicProof is built for government compliance operations, so the security posture centers on bounded pilot scope, deterministic records, limited collection, human review, and clear procurement boundaries.
Trust posture
- Pilot-first operating model with bounded entity scope rather than broad multi-tenant onboarding on day one.
- Deterministic compliance records for inventory, findings, remediation, vendor accountability, and evidence.
- Human-reviewed decisions for severity, exceptions, and evidence issuance rather than autonomous AI judgment.
- Marketing-site claims do not replace signed procurement, service, security, data handling, or support terms.
Operating boundaries
| Area | Current posture | Boundary |
|---|---|---|
| Data scope | Public digital surfaces, pilot contacts, vendor records, findings, remediation tasks, and evidence records. | No broad resident-data intake is required for public-site review or initial pilot scoping. |
| Human review | Operators review severity, exceptions, and evidence issuance. | AI may support internal drafting, but it does not make final compliance conclusions. |
| Deterministic records | Inventory, findings, remediation, vendor accountability, and evidence are structured records. | Risk scoring and evidence outputs must remain auditable instead of opaque. |
| Limited collection | The public site collects direct business contact context submitted through the contact form or direct email, plus Vercel site analytics and performance telemetry. | PublicProof does not sell personal information and does not operate as a consumer service. |
| Accessibility commitment | The public site targets WCAG 2.1 Level AA and provides an accessibility feedback route. | PublicProof avoids unsupported accessibility guarantees about its own or customer environments. |
| Procurement review | Security and data handling materials are available during live procurement and pilot discussions. | Signed engagement documents control scope, pricing, SLAs, and formal commitments. |
Procurement and security review
- Security, data handling, and operating-boundary materials are available during live pilot and procurement discussions.
- The public Pilot Trust Overview summarizes data scope, human review, AI boundaries, procurement review paths, and accessibility commitments.
- The production site is served on https://publicproofos.com and security questions can be directed to security@publicproofos.com.
- Formal commitments should be taken from the procurement packet and signed engagement documents, not inferred from marketing copy alone.
Related trust pages
PublicProof also publishes Privacy, Terms, and Accessibility Statement pages for public review. Security questions route to security@publicproofos.com.