Enterprise Security
Security You Can See.
Governance You Can Prove.
Treasure AI is built for enterprises that can't afford to trust blindly.
From independently audited certifications to column-level data masking to AI agent audit logs — every layer of our platform gives your security team control, visibility, and evidence.
Aysha Kahn, CIO/CISO, Treasure AI
Compliance
Independently Audited, Globally Certified.
Third-party audits across security, privacy, and AI governance frameworks
— with reports available via our Trust Center.
SOC 2 Type 2
Treasure AI undergoes an annual SOC 2 Type 2 audit covering the Security, Confidentiality, Availability, and Processing Integrity (PI) Trust Services Criteria (TSC).
SOC 3
Treasure AI undergoes an annual SOC 3 Type 2 audit covering the Security, Confidentiality, Availability, and Processing Integrity (PI) Trust Services Criteria (TSC).
ISO/IEC 27001
Treasure AI undergoes an annual ISO27001:2022 certification audit over the ISMS that governs the Treasure AI CDP.
ISO 27701
Treasure AI undergoes an annual ISO/IEC 27701:2019 certification audit over the PIMS that governs the Treasure AI CDP.
ISO/IEC 27017
Treasure AI undergoes an annual ISO/IEC 27017:2015 certification audit over the ISMS that governs the Treasure AI CDP.
ISO/IEC 27018
Treasure AI undergoes an annual ISO/IEC 27018:2019 certification audit over the ISMS that governs the Treasure AI CDP.
HIPAA
HIPAA compliance ensures that Treasure AI protects the confidentiality, integrity, and security of ePHI for our healthcare and life sciences customers. Treasure AI undergoes an annual HIPAA audit to verify all HIPAA Security Rule requirements are addressed and operating effectively.
CSA STAR Level 1
CSA Star Level 1 is a self attestation intended for Cloud Service Providers (CSPs) that validates Treasure AI’s use of industry-leading best practices to secure data in our CDP.
TRUSTe Responsible AI Certification
This AI certification is focused on privacy and data protection. It demonstrates Treasure AI’s commitment to the development of AI services according to responsible AI principles. Its scope includes Treasure AI Audience Agent and AI Agent Foundry (does not currently include Treasure Code).
STAR for AI Level 1
CSA Star Level 1 is a self assessment that contains 243 control objectives distributed across 18 security domains. It maps to leading standards, including ISO 42001, ISO 27001, NIST AI RMF 1.0, and BSI AIC4 and guides us to develop, implement, and operate AI technologies in a secure and responsible manner.
Privacy Mark
Treasure AI undergoes annual PrivacyMark compliance audits. PrivacyMark is a privacy-centric certification in Japan that focuses on enhancing consumers’ awareness of personally identifiable information (PII) protections. The requirements are based on JISQ standards and are governed by JIPDEC (Japan Institute for Promotion of Digital Economy and Community). PrivacyMark is viewed as the Japan equivalent of the ISO/IEC 27001.
FISC
Treasure AI has developed a guide to help our customers understand how our control environment aligns with the Center for Financial Industry Information Systems (FISC) guidelines. Many of the controls outlined in our guide are already implemented as part of existing third-party audited compliance offerings, such as our ISO/IEC 27001 certification and SOC 2 Type 2 report.
Platform Security
Built for Enterprise Security Questionnaires
Identity & Access Management
-
SAML 2.0 SSO — supported with Okta, Azure AD, and other SAML 2.0 identity providers
-
MFA enforcement — per-account MFA policy, enforced at login
-
Policy-Based Permissions — multi-policy model; stack region, role, and data-class policies per user independently
-
OAuth 2.0 + PKCE authentication — credentials never stored in browser
-
API key lifecycle management — time-limited tokens
Data Protection
-
AES-256 encryption at rest
-
TLS 1.2+ encryption in transit Customer-managed key option available
-
Column-level dynamic data masking — tag columns as PII; masking applies to all queries and AI agents
-
Audience column visibility control — marketers use PII columns in campaigns without ever seeing the values
Incident Response
- Dedicated security incident response process with defined escalation tiers
- Annual external penetration testing — reports available for download under NDA via Trust Center
- Internal Red Team exercises
- We notify affected customers within 72 hours of a confirmed breach, consistent with GDPR Article 33.
- Critical CVE patch SLA — critical vulnerabilities patched within defined SLA;
Data Protection
- Data Processing Agreement (DPA) — available for download; covers GDPR, CCPA, and applicable data protection laws
-
Subprocessor list — published with last-updated date (last updated April 20, 2026); includes all third parties that process customer data, including named LLM providers
- Business Associate Agreement (BAA) — available for HIPAA-covered entities on request
- Data residency contractual commitment — region selection is contractually binding; no cross-region replication without explicit consent
- Right-to-erasure (RTBF) support — documented deletion process; GDPR one-month and CCPA 45-day SLAs observed
- AI Terms — contractual prohibition on using customer content to train AI models; covers Amazon Bedrock and OpenAI
- AI Acceptable Use Policy — EU AI Act alignment; prohibited uses enumerated
Auditability
- Premium Audit Log — td_audit_log table in your own database; unlimited events, queryable with SQL; includes user identity, timestamp, resource, and action type
- Column-level access events logged — every masked field request is traceable to a specific user and query
- AI agent network calls logged — domain, IP, port, Chat ID, action type; admin-filterable in real time
- Permission Policy API — full audit trail of policy changes via REST; GitOps-compatible
- Unlike legacy export-only audit logs or paid add-on monitoring, your audit log lives in your own database and is queryable with SQL
AI Security
- Server-side sandbox — AI agents have no access to local filesystem; all execution is isolated server-side
- Network Audit Log — every external call logged: domain, IP, port, Chat ID, action type; admin-filterable in real time
- Permission inheritance — agents execute under the requesting user's own permissions, not a privileged service account
- OAuth 2.0 + PKCE — credentials scoped, short-lived, and isolated from client-side JavaScript
- Column-level PII masking before LLM endpoint — PII tags enforced server-side; masked data never reaches Amazon Bedrock or OpenAI
- No training on customer data — Treasure AI and all LLM providers contractually prohibited from using customer content to train models (AI Terms)
- Named LLM providers — Anthropic and OpenAI via Amazon Bedrock; fully listed in the Subprocessor List
- Regional inference — customer data does not cross contracted region boundaries during AI inference
- Customer owns inputs and outputs — no license to Treasure AI beyond operating the service
- EU AI Act alignment — high-risk uses enumerated and prohibited in AI Acceptable Use Policy
Infrastructure
- Multi-AZ deployment on AWS per region — 99.99% uptime (past 90 days); see status.treasure.ai for live metrics
- 5 AWS regions: US East (N. Virginia), US West (Oregon), Europe (Frankfurt), AP Tokyo, AP Seoul Separate KMS encryption keys per region
- Physical security — AWS data center controls (SOC 2 covered)
- Platform patching — critical patches applied within defined SLA
- Service status — real-time availability at status.treasuredata.com
Identity & Access Management
-
SAML 2.0 SSO — supported with Okta, Azure AD, and other SAML 2.0 identity providers
-
MFA enforcement — per-account MFA policy, enforced at login
-
Policy-Based Permissions — multi-policy model; stack region, role, and data-class policies per user independently
-
OAuth 2.0 + PKCE authentication — credentials never stored in browser
-
API key lifecycle management — time-limited tokens
Data Protection
-
AES-256 encryption at rest
-
TLS 1.2+ encryption in transit Customer-managed key option available
-
Column-level dynamic data masking — tag columns as PII; masking applies to all queries and AI agents
-
Audience column visibility control — marketers use PII columns in campaigns without ever seeing the values
Incident Response
- Dedicated security incident response process with defined escalation tiers
- Annual external penetration testing — reports available for download under NDA via Trust Center
- Internal Red Team exercises
- We notify affected customers within 72 hours of a confirmed breach, consistent with GDPR Article 33.
- Critical CVE patch SLA — critical vulnerabilities patched within defined SLA;
Data Protection
- Data Processing Agreement (DPA) — available for download; covers GDPR, CCPA, and applicable data protection laws
-
Subprocessor list — published with last-updated date (last updated April 20, 2026); includes all third parties that process customer data, including named LLM providers
- Business Associate Agreement (BAA) — available for HIPAA-covered entities on request
- Data residency contractual commitment — region selection is contractually binding; no cross-region replication without explicit consent
- Right-to-erasure (RTBF) support — documented deletion process; GDPR one-month and CCPA 45-day SLAs observed
- AI Terms — contractual prohibition on using customer content to train AI models; covers Amazon Bedrock and OpenAI
- AI Acceptable Use Policy — EU AI Act alignment; prohibited uses enumerated
Auditability
- Premium Audit Log — td_audit_log table in your own database; unlimited events, queryable with SQL; includes user identity, timestamp, resource, and action type
- Column-level access events logged — every masked field request is traceable to a specific user and query
- AI agent network calls logged — domain, IP, port, Chat ID, action type; admin-filterable in real time
- Permission Policy API — full audit trail of policy changes via REST; GitOps-compatible
- Unlike legacy export-only audit logs or paid add-on monitoring, your audit log lives in your own database and is queryable with SQL
AI Security
- Server-side sandbox — AI agents have no access to local filesystem; all execution is isolated server-side
- Network Audit Log — every external call logged: domain, IP, port, Chat ID, action type; admin-filterable in real time
- Permission inheritance — agents execute under the requesting user's own permissions, not a privileged service account
- OAuth 2.0 + PKCE — credentials scoped, short-lived, and isolated from client-side JavaScript
- Column-level PII masking before LLM endpoint — PII tags enforced server-side; masked data never reaches Amazon Bedrock or OpenAI
- No training on customer data — Treasure AI and all LLM providers contractually prohibited from using customer content to train models (AI Terms)
- Named LLM providers — Anthropic and OpenAI via Amazon Bedrock; fully listed in the Subprocessor List
- Regional inference — customer data does not cross contracted region boundaries during AI inference
- Customer owns inputs and outputs — no license to Treasure AI beyond operating the service
- EU AI Act alignment — high-risk uses enumerated and prohibited in AI Acceptable Use Policy
Infrastructure
- Multi-AZ deployment on AWS per region — 99.99% uptime (past 90 days); see status.treasure.ai for live metrics
- 5 AWS regions: US East (N. Virginia), US West (Oregon), Europe (Frankfurt), AP Tokyo, AP Seoul Separate KMS encryption keys per region
- Physical security — AWS data center controls (SOC 2 covered)
- Platform patching — critical patches applied within defined SLA
- Service status — real-time availability at status.treasuredata.com
Access Control & Governance
Fine-Grained Control
Across Every Resource
Legacy role-based access can't handle the complexity of a modern CDP. Treasure AI's Policy-Based Permissions let you define exactly what each user, team, or AI agent can do — resource by resource, column by column.
Policy-Based Permissions
Stack multiple independent policies per user.

One policy for region, one for role, one for data classification. Each is additive — no re-architecting roles for edge cases. 6 layers: Database, Workflow, Audience Studio, Authentication, Column-Level, LLM Projects.
Column-Level Dynamic Data Masking
Tag columns as PII. Policies apply masking rules instantly — to every query and every AI agent that touches those columns.

Column-level dynamic masking is not available in most CDPs. In Treasure AI, it applies to every query — including AI agents.
AI Agent Governance
Every AI agent runs in a server-side sandbox. Every external network call is logged. Agents inherit the user's own permissions — PII masking applies automatically. Your CISO can monitor AI behavior in real time.
-
Server-side sandbox — no local filesystem access
-
Network Audit Log — domain / IP / port / Chat ID logged
-
Permission inheritance — agent runs as the user
-
OAuth 2.0 + PKCE — credentials never in browser
-
Column-level PII masking applied
AI Data Handling
-
No training on your data — Treasure AI and its LLM providers are contractually prohibited from using customer content to train AI models (AI Terms)
-
Named LLM providers — Amazon Bedrock and OpenAI; all listed in the Subprocessor List
-
Data stays in your contracted region — inference does not cross regional boundaries without explicit consent
-
You own your outputs — customer retains full ownership of AI inputs and outputs
A Clear Division of Responsibility
Treasure AI secures the platform. You control your data, your users, and your access policies.
Data Residency
Your Data Stays Where You Need It
Deploy in your preferred egion. Data residency is contractually guaranteed — your data never leaves the region without your explicit action.
-
US East (Northern Virginia)
-
US West (Oregon)
-
Europe (Frankfurt)
-
Asia Pacific (Tokyo)
-
Asia Pacific (Seoul)
Resources
Everything Your Security Team Needs
From downloadable audit reports to live service status — all your security resources in one place.
Trust Center
SOC 2 reports, ISO certificates, penetration test summaries, DPA, subprocessor list, and NDA-gated documents.
Product Security Doc
Technical security controls, Policy-Based Permissions docs, column-level access control, and audit log references.
Legal & AI Terms
DPA, subprocessor list (incl. named LLM providers), AI Terms (no-training policy), and AI Acceptable Use Policy.
Responsible AI
Treasure AI's approach to AI safety, bias prevention, AI governance certifications, and our AI subprocessor list.
Service Status
Real-time platform availability, incident history, and scheduled maintenance windows.
Talk to Our Security Team
Have specific compliance requirements? Our security team can walk you through our controls, share audit reports under NDA, and answer your CISO's toughest questions.
FAQs
Yes, Treasure AI engages with a variety of vendors defined as subprocessors. Learn more.
Yes, at our Trust & Security Center.
Yes, at our Trust & Security Center.
Yes, download a whitepaper about Treasure AI and HIPAA compliance.
Treasure AI values the security of its customers and is committed to ensuring that the systems and products are secure. We invite all bug bounty researchers to join our efforts in identifying and reporting vulnerabilities in our systems.
Submit your findings to our dedicated bug bounty email address (vulnerabilities@treasure-data.com) and help us keep Treasure AI secure. Let’s work together to make the Internet a safer place!
Yes, you can learn more about all the regulations in which Treasure AI is compliant by visiting our Trust & Security Center.
Treasure AI is committed to ethical AI innovation, user trust, and safe, fair, and reliable technologies. This includes implementing strict security measures such as AES-256 encryption, fine-grained access controls, continuous threat detection, and automated vulnerability scanning. Employees are restricted from direct access to customer data, ensuring both privacy and compliance.
Learn more about Responsible AI at Treasure AI.