ÆDIFICE

Trust center

Security and compliance.

Protecting the records, drafts, and decisions that travel through Wren.

1. Data handling

Client building records, drafts, and review artifacts are encrypted in transit using modern TLS and at rest using AES-256. Encryption keys are managed in a dedicated key management service with strict access controls, rotated on a published cadence, and audited on every privileged use.

Aedifice does not use client building records to train foundation models. Aggregated, de-identified signal about how Wren performs its drafting and review tasks is used to improve those workflows, and a client may opt an engagement out of that program on request.

2. Access controls

Access to production systems is role-based, scoped to the minimum set of permissions required for a role, and granted only after identity verification and approval by a named reviewer. Single sign-on is required for all Aedifice staff and available to client institutions.

Every privileged action against a production system is logged with the identity of the actor, the target of the action, and the time. Logs are retained for the period required by applicable law and by the professional standards of the licensed practitioners engaged on the platform.

3. Tenant isolation

Each client institution operates inside an isolated tenant. Building records, drafts, and review artifacts from one tenant are not visible to any other tenant and are not accessible to Wren across tenant boundaries. Isolation is enforced at the storage layer, the application layer, and the inference layer.

Cross-tenant activity is limited to operational functions that do not read client content, and each such function is subject to the access control and audit logging described above.

4. SOC 2 and related posture

Aedifice is pursuing SOC 2 Type II. An initial readiness assessment has been completed, the control set is documented, and the observation window is in progress. We will publish the attestation on this page when it is issued, and we will not claim certification until it is.

In parallel, Aedifice maintains controls aligned to ISO 27001 and to the sector-specific standards that apply to institutional clients working on regulated buildings. A summary of current controls and a detailed questionnaire response are available to prospective clients under a mutual non-disclosure agreement.

5. Responsible disclosure

Security researchers and clients who discover a vulnerability in an Aedifice surface are asked to report it to security@aedificeai.com. Reports are acknowledged within one business day and triaged by a named security engineer, not a ticket queue.

Our full responsible disclosure policy, including safe-harbor terms and timelines, is published at /legal/responsible-disclosure. Aedifice does not pursue legal action against researchers acting in good faith under that policy.

6. Sub-processors

Aedifice engages a small set of sub-processors to run the service. Each is bound by a written contract with confidentiality and security commitments no less protective than our own, and each is reviewed annually. The current list is below, and is updated on this page before any new sub-processor is added.

  • Anthropic: Foundation-model inference for Wren’s drafting and review tasks.
  • Amazon Web Services: Primary infrastructure, compute, object storage, and managed databases.
  • Cloudflare: Edge delivery, DDoS protection, and DNS for public-facing surfaces.
  • Datadog: Observability, logging, and performance monitoring of production systems.
  • Stripe: Billing and payment processing for institutional accounts.

Security questions from a buyer?

Request the current controls summary and the SOC 2 readiness report under NDA. We will respond within two business days.