Governance & Trust

Enterprise-grade controls for every agent, every decision.

Helios runs inside Bluesky Tech's compliance perimeter. Every model call, every approval, every byte of data is logged, scoped to a region, and traceable to a human owner.

SOC 2 Type IIISO 27001PDPA · GDPREU AI Act — In progress
A-LIGN
SOC 2 Type II
Certified
Security, Availability, Confidentiality
Valid until 12 Mar 2026
BSI Group
ISO/IEC 27001:2022
Certified
ISMS — APAC operations
Valid until 04 Sep 2026
Internal DPO
GDPR
Aligned
EU data subjects
Annual review · Jan 2026
Drew & Napier LLC
Singapore PDPA
Aligned
SG operations & customers
Reviewed 18 Oct 2025
Internal AI Council
EU AI Act
In progress
High-risk system readiness
Target: Q2 2026
Self-attested
NIST AI RMF 1.0
Aligned
Govern · Map · Measure · Manage
Mapped Oct 2025
Trust Center
Documents & audit log
DocumentSizeUpdatedSourceAction
SOC 2 Type II Report — FY25PDF · 4.2 MB12 Mar 2025A-LIGN
ISO 27001 CertificatePDF · 880 KB04 Sep 2024BSI Group
Penetration Test — Q3 2025PDF · 6.1 MB21 Sep 2025NCC Group
Data Processing AddendumPDF · 312 KB01 Jan 2025Bluesky Legal
Subprocessor List v4.2PDF · 188 KB10 Oct 2025Bluesky Trust
AI Model Card — Helios CorePDF · 1.4 MB28 Aug 2025Helios AI