🔐 Compliance

GDPR and ISO 27001 compliance status

🇪🇺 GDPR
🏢 ISO 27001
Overall Compliance

📋 Audit Checks

Run compliance audit via CLI: uaml audit --format json

🇪🇺 GDPR

  • Art. 5 — Purpose limitation
  • Art. 6 — Lawfulness of processing
  • Art. 7 — Consent tracking
  • Art. 15 — Right of access
  • Art. 25 — Data protection by design
  • Data minimization
  • Storage limitation

🏢 ISO 27001

  • A.8.2 — Data classification
  • A.8.3 — Access control
  • A.8.13 — Backup
  • A.8.15 — Audit trail
  • A.8.24 — Encryption

🔒 Internal

  • Client data isolation
  • Ethics pipeline active
  • Data integrity (hash)
  • PQC encryption (ML-KEM-768)

🔐 Encryption Status

AlgorithmML-KEM-768 + AES-256-GCM
StandardNIST FIPS 203
Quantum Resistant✅ Yes
Key Escrow⚠️ Not configured