Regulatory control mapping, operational resilience facts, CAIQ-lite answers, and every contract document — honest about what's shipped and what isn't.
Runback supports your controls — it is not, by itself, a compliance certificate.
| Framework | Requirement | Runback control | Evidence produced |
|---|---|---|---|
| EU AI Act · Art. 12 | Automatic event logs for high-risk AI systems over their operational lifetime — enforceable from 2 August 2026 | Hash-chained cassette: every decision context, model version, and policy state sealed at execution | Exportable cassette file per run, verifiable without Runback |
| EU AI Act · Art. 14 | Human oversight — ability to understand, monitor, and override AI outputs | Policy gates block non-compliant calls before execution; sealed record enables post-hoc review | Policy block events are cassette entries with rule, predicate, and full decision context |
| APRA CPS 230 · §45 | Operational incident management including root-cause capability | Deterministic replay of any agent decision from the exact captured context | Re-executable run record with the exact messages[] array the model received |
| APRA CPS 230 · §48 | Business continuity — critical operations must remain available under disruption | Policy gates fail open by default; traces buffer locally and sync on reconnect | Fail-open design; Enterprise can configure fail-closed |
| APRA CPS 234 | Information security commensurate with the degree of risk | PII redacted in-process before egress; RBAC; self-hosted VPC option | Redaction log; RBAC audit trail; self-host keeps your data entirely in your perimeter |
| NIST AI RMF · Govern 1.2 | Organisational accountability for AI risk decisions | Every decision attributed to a specific run, model version, and policy state — tamper-evident | HMAC-SHA256 signed digest per run; append-only org ledger with Merkle checkpoints |
| NIST AI RMF · Measure 2.5 | AI system performance monitoring in production, including drift detection | Continuous capture of decisions with policy evaluation; model diff on real production inputs | Model diff report showing behavioural change before a model upgrade ships |
Architecture and data-handling summary — shipped controls and honest roadmap. Read it →
The DPA, Terms, and Privacy Policy for your legal team. Signed DPA on request.
Enterprise master services agreement with SLAs and governing terms. Request at legal@runback.dev.
Pre-filled answers to standard vendor assessment questions — below on this page.
Self-hosted deployments clear most of these automatically — when nothing leaves your perimeter, most answers are “you control it.”
Self-host in your own VPC — your data never reaches us. Managed cloud resides in the United States (US). EU or Australian residency requires Enterprise self-hosted.
Self-host: you choose the region — your cloud, your perimeter. Managed cloud: US only. Enterprise self-hosted gives you full control of the infrastructure and region.
Yes. Managed cloud uses TLS throughout. Self-host runs behind your own TLS terminator. Session cookies are Secure + httpOnly.
At-rest encryption relies on your Postgres and disk encryption. Application-level field encryption is on the roadmap — not yet shipped, disclosed on our security page.
RBAC with four roles — owner, admin, member, viewer — enforced on every privileged route. The last owner cannot be removed.
Passwordless magic link, and enterprise OIDC SSO (Okta, Microsoft Entra ID, Google Workspace, Auth0, Ping).
Keys, emails, card numbers (Luhn-checked), and SSNs are redacted inside your process — before any trace leaves it. Standard and strict tiers, plus custom patterns.
Yes. Each run is a SHA-256 hash chain with an HMAC-SHA256 authenticated digest, plus an append-only org ledger with Merkle-rooted checkpoints for inclusion proofs. Important limitation: HMAC proves integrity (that the record has not been altered) but not non-repudiation (it cannot independently prove that Runback itself did not alter the record, because Runback holds the HMAC key). Asymmetric signing and third-party timestamping for full non-repudiation are on the roadmap. Self-hosted customers hold their own AUDIT_SIGNING_KEY, which improves their position.
Supabase Inc. (US) — managed Postgres database (stores agent traces, account data, audit logs). Resend Inc. (US) — transactional email delivery (magic-link sign-in and alert notifications). Note: Lemon Squeezy LLC acts as Merchant of Record for paid subscriptions and is an independent data controller for payment data — it is not a sub-processor bound by Runback's DPA. Full list with change-notification commitment in the DPA; countersignable copy at legal@runback.dev.
Yes. Agent trace cassettes use the open, documented runback.cassette/v1 JSON format and can be exported per run at any time — no Runback account or software required to read them after export. Chargeback data exports as CSV. Compliance reports export as structured JSON. For managed cloud, on termination Runback provides a data export window before deletion. Self-hosted customers own the Postgres database outright and can dump it at any time. These mechanisms support your GDPR Art.20 data-portability obligations for any personal data your users may seek to port.
Delete any run at any time. On termination we delete or return your data within 30 days, except where retention is required by law. Self-host: entirely under your control.
No. We do not train models on your data and do not sell personal data.
Observation runs async — never in your agent's critical path. Policy gates fail open by default so your agent is never blocked by Runback downtime. Traces buffer locally and sync on reconnect.
None yet — SOC 2 Type II is in progress. We operate GDPR-aligned with a DPA available on request. We don't claim certifications we don't hold; the security page lists what is shipped and what is on the roadmap. Self-host keeps your data in your own perimeter, which simplifies your own compliance posture.
Yes. We conduct annual penetration tests against our managed cloud attack surface (application, API, and infrastructure layers) conducted by an independent third party. An executive summary or letter of attestation is available to Enterprise customers on request via security@runback.dev. Self-hosted deployments run in your own perimeter — your security team's standard assessment process applies.
Email security@runback.dev. We acknowledge within two business days and credit reporters once a fix ships.
On managed cloud: infrastructure staff have database-level access to the server. PII is redacted inside your application process before anything arrives — card numbers, emails, and SSNs never reach us — but the redacted trace content is readable by anyone with database access. Self-hosted: your data never touches our servers. This question does not apply.
Self-hosted customers own the database. Records remain in your infrastructure regardless of what happens to Runback. Managed cloud: cassette files use an open, documented format (runback.cassette/v1) with a public schema. They export and verify independently without Runback software or a Runback account. We provide a data export window before any cessation of service.
The append-only ledger is designed so that removing an entry breaks the hash chain for subsequent entries — that is the point of tamper-evidence. Our approach: redaction is configured so personal data does not reach the cassette. If PII did reach a managed-cloud cassette and a verified erasure request arrives, we delete the run record, breaking the chain at that point. The break is itself the honest record of what happened. Self-hosted: you own the database and the erasure decision.
Bring your security team. We bring the documents and answer questions directly.