Security
Security
Dhruv Intelligence, Inc. maintains a comprehensive information security framework governing the collection, storage, transmission, and access of principal-side financial intelligence. The framework is designed to satisfy the security and compliance requirements applicable to regulated financial services environments and is subject to continuous evaluation and improvement.
Infrastructure Security
The Company's platform infrastructure is architected to institutional-grade specifications. Security controls are implemented at every layer of the technology stack, including network, application, data, and access layers. Infrastructure design prioritizes data integrity, system availability, and threat containment.
Encryption
All data processed by the Company is encrypted in transit and at rest pursuant to cryptographic standards consistent with those required by leading financial institutions and applicable regulatory frameworks. Encryption controls are applied universally and without exception across all storage, transmission, and access environments.
Access Control & Identity Governance
Access to Company systems and data environments is governed by a formal role-based access control framework operating on a least-privilege basis. Principal, institutional, and internal operational environments are maintained as fully isolated segments. Access rights are subject to continuous monitoring, periodic review, and immediate revocation upon any change in personnel status or authorization scope.
Authentication
All user accounts are subject to mandatory credential-based authentication with multi-factor verification requirements. The Company does not employ passwordless or link-based authentication mechanisms. Authentication standards are reviewed periodically against applicable industry benchmarks.
Audit Logging & Accountability
The Company maintains a complete and immutable audit record of all data events, system access requests, and operational actions. All entries are timestamped, permanently retained, and available for review in connection with internal audits, regulatory inquiries, or institutional due diligence processes.
Data Segregation & Principal Data Rights
Principal data is maintained in strict isolation from all advisor, institutional, and third-party data environments. The Company does not sell, license, transfer, or disclose principal data to any advisor, counterparty, institution, or third party. This obligation is enforced through architectural controls and is reflected in the Company's contractual commitments to its clients.
Regulatory Compliance & Certification
SOC 2 Type II examination in progress. Its compliance infrastructure has been designed from inception to satisfy the due diligence standards applicable to regulated institutional counterparties, including registered investment advisors, private banking institutions, family offices, and custodial platforms. Compliance documentation is available to qualified institutional counterparties upon execution of an appropriate confidentiality agreement.
Third-Party Risk Management
All third-party infrastructure providers engaged by the Company are subject to formal security assessment prior to onboarding and periodic review thereafter. Vendor security standards are evaluated against the same institutional requirements applied to the Company's core platform. The Company maintains a current inventory of all infrastructure subprocessors.
For security inquiries, compliance documentation requests, or institutional due diligence matters, please contact: info@dhruvintelligence.ai