Trust center

The page your procurement team is asking for.

Pursuing SOC 2 Type II (target H2 2026) and ISO 27001 (target 2027). Status updated quarterly. We won't claim what we haven't earned.

Self-hosted only — your data never leaves your infrastructure. We do not run a cloud-managed offering year 1.

Versioned list, downloadable. Email-on-change subscription available. Updated for any vendor that touches customer-attributable data.

Standard DPA available for download (PDF, signed). Custom MSAs at Enterprise tier.

TLS 1.3 in transit. AES-256-GCM at rest. Optional customer-managed keys (KMS / Vault / HSM). HSTS preloaded.

Least privilege, just-in-time, audit-logged. Quarterly access recertification. SSO mandatory for staff, MFA mandatory everywhere.

Annual minimum, quarterly aspirational. Executive summary on request, full report under NDA.

30-day advance notice via the email subscription. Customers can object before the change takes effect.

Public status page at status.argitron.com (coming soon). Built from our own /status.json endpoint — eat our own dogfood.