ENTERPRISE TRUST
Everything a CISO, DPO or IT counsel needs in 60 seconds. No vendor questionnaire round-trips. No NDA gates on the basics.
If you are the technical or legal counterpart in your firm's evaluation of Nexus, this page is the single source of truth. Twelve items below are sufficient to start the security review; the underlying contracts (DPA, SLA, custom security review for Enterprise) are available at signature.
TWELVE TRUST SIGNALS
AES-GCM-256 encryption at rest: Output rows in analysis_outputs are encrypted with AES-GCM-256 under HKDF-SHA256 per-user key derivation. Encryption keys never leave the application layer.
Client documents are never persisted on disk or in the database. Every analysis runs in RAM and is destroyed at session end. There is no "delete client data" feature because there is no client data to delete.
Names, IDs (NIF/SSN/IBAN), addresses and emails are replaced by opaque tokens before any upstream LLM call. The model audits structure blind; the original identity never crosses the boundary.
Full Data Protection Impact Assessment published in ten sections. Reviewable by your DPO before requesting a demo.
Open the DPIA →
Ricardo González Álvaro, Calle Zorzaleño 15, La Raya del Palancar, Madrid, Spain — quantumnexusventures@proton.me. Published in /privacy across all locales and registered in the DPIA.
View on /privacy →
Each user declares their bar and roll number (ICAB, CGAE, NY Bar, Law Society England & Wales, OAB, etc.) in account settings. Timestamped in the consent log. Automated API verification with major bars is on the roadmap.
Every completed analysis is sealed with a SHA-256 hash of the final output, an ISO 8601 timestamp and an HMAC signature using a per-organisation key. Any post-issuance tampering breaks verification. No external networks, no third parties.
Async job callbacks signed with HMAC-SHA256 in the X-Nexus-Signature header. Replay-safe retry schedule: 1m → 5m → 30m → 2h → 12h. Verifiable with your secret key.
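As an added illustration of the callback check described above (example code, not part of the Nexus platform or this page), a receiver that verifies the X-Nexus-Signature header before parsing a body and ignores duplicate deliveries produced by the retry schedule. It assumes the header carries a hex-encoded HMAC-SHA256 of the raw request body and that a retry resends identical bytes; `sign_callback`, `verify_callback` and `CallbackReceiver` are names chosen here, and the secret and payload are constructed for the demo.

```python
import hashlib
import hmac
from typing import Optional

# Constructed sample values for this demo; not real Nexus secrets or payloads.
SHARED_SECRET = b"example-shared-secret-for-this-demo"
SAMPLE_BODY = b'{"job_id":"demo-123","status":"completed"}'


def sign_callback(secret: bytes, raw_body: bytes) -> str:
    """Value a sender would place in X-Nexus-Signature.

    Assumption: hex-encoded HMAC-SHA256 over the raw request body. The page
    names the algorithm and the header, not the encoding or signed fields.
    """
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_callback(secret: bytes, raw_body: bytes, header: Optional[str]) -> bool:
    """Verify a callback before its body is parsed or acted on.

    MAC the exact bytes received (re-serialised JSON changes the digest),
    compare in constant time, and treat a missing header as a hard rejection.
    """
    if not header:
        return False
    expected = sign_callback(secret, raw_body).encode()
    presented = header.strip().lower().encode()
    return hmac.compare_digest(expected, presented)


class CallbackReceiver:
    """Receiver that tolerates the retry schedule (1m, 5m, 30m, 2h, 12h).

    A retried delivery must not be processed twice, so the SHA-256 of each
    verified body is recorded. Assumption: a retry resends identical bytes.
    """

    def __init__(self, secret: bytes) -> None:
        self._secret = secret
        self._seen: set = set()

    def handle(self, raw_body: bytes, header: Optional[str]) -> str:
        if not verify_callback(self._secret, raw_body, header):
            return "rejected"   # bad or missing signature: body is never parsed
        digest = hashlib.sha256(raw_body).hexdigest()
        if digest in self._seen:
            return "duplicate"  # retry of an already-processed callback
        self._seen.add(digest)
        return "processed"
```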
Production error tracking via Sentry (EU region). SLA: 99.5% Standard / 99.9% Enterprise. Breach triggers automatic credit-back — no support ticket required.
Database on Supabase eu-west-2. Application on Railway europe-west4 (Netherlands). All data residency stays within the EU. No cross-region replication outside the EU.
Sub-processors in the DPA →
GDPR + LOPDGDD (Spain) + CCPA (California) + EU AI Act (high-risk legal use cases mapped) + UAE PDPL. Compliance hooks built into the platform, not retrofitted.
CCPA notice →
Security issues are accepted at security@nexusquantum.legal. We commit to acknowledge within 72h and provide a remediation timeline within 7 days. Coordinated disclosure preferred.
security@nexusquantum.legal
Every legal citation in an output carries the [L4-N] seal. The Evidence Tray exposes a click-to-verify button: green (literal match), amber (LLM paraphrased), red (citation not in corpus), warning (article amended). Spain corpus is active today; other jurisdictions activate under Premium contract.
Open the legislation brief →
KeyCite / Shepard's equivalent for every jurisdiction we cover. Each citation carries a validity badge: green (good law), amber (distinguished), red (overruled), black (statute repealed), grey (unknown — confidence below threshold). Premium add-on, activated under contract per jurisdiction (5 or 10 business days).
Open the Citator brief →
Single Sign-On infrastructure is built and Enterprise-ready. Compatible with Okta, Azure AD, Google Workspace, OneLogin, Ping Identity and any standard SAML 2.0 IdP. The firm admin pastes the IdP metadata XML into the SSO configuration tab; the Nexus team enables SSO for the corporate domain; every user in the domain then sees the "Sign in with SSO" button. Isolated per corporate domain.
Enterprise overview →
Trust Service Criteria (Security, Availability, Confidentiality) controls have been live since May 2026: vendor register, risk register, append-only incident log, change log. Formal observation period planned Q3-Q4 2026; report expected Q1 2027. Enterprise customers can request the evidence packet under NDA today.
Security policy →
Reviewed and updated as the platform evolves. Last revision aligned with the public DPIA.
The pre-signed DPA, SLA and security review packet are available at signature. For Enterprise, we run a custom security review with your team.