Governance & Trust
Enterprise-grade controls for every agent, every decision.
Helios runs inside Bluesky Tech's compliance perimeter. Every model call, every approval, every byte of data is logged, scoped to a region, and traceable to a human owner.
SOC 2 Type IIISO 27001PDPA · GDPREU AI Act — In progress
A-LIGN
SOC 2 Type II
Certified
Security, Availability, Confidentiality
Valid until 12 Mar 2026
BSI Group
ISO/IEC 27001:2022
Certified
ISMS — APAC operations
Valid until 04 Sep 2026
Internal DPO
GDPR
Aligned
EU data subjects
Annual review · Jan 2026
Drew & Napier LLC
Singapore PDPA
Aligned
SG operations & customers
Reviewed 18 Oct 2025
Internal AI Council
EU AI Act
In progress
High-risk system readiness
Target: Q2 2026
Self-attested
NIST AI RMF 1.0
Aligned
Govern · Map · Measure · Manage
Mapped Oct 2025
Trust Center
Documents & audit log
| Document | Size | Updated | Source | Action |
|---|---|---|---|---|
| SOC 2 Type II Report — FY25 | PDF · 4.2 MB | 12 Mar 2025 | A-LIGN | |
| ISO 27001 Certificate | PDF · 880 KB | 04 Sep 2024 | BSI Group | |
| Penetration Test — Q3 2025 | PDF · 6.1 MB | 21 Sep 2025 | NCC Group | |
| Data Processing Addendum | PDF · 312 KB | 01 Jan 2025 | Bluesky Legal | |
| Subprocessor List v4.2 | PDF · 188 KB | 10 Oct 2025 | Bluesky Trust | |
| AI Model Card — Helios Core | PDF · 1.4 MB | 28 Aug 2025 | Helios AI |