askOdin — AI Judgment Infrastructure for Capital Allocation

PROTOCOL: SECURE / ZERO-TRUST / READ-ONLY

Legally Protected. Cryptographically Secure.

Private market diligence demands zero-leakage parameters. askOdin operates entirely above your data layer, validating transaction logic without ingesting proprietary intellectual property or training public models.

// THE ARCHITECTURE

The Enterprise Security Architecture

Layer 01 — Zero Ingestion Liability

The Reality: Standard conversational tools utilize your unique inputs, deal metadata, and internal queries to train public neural networks. You are quietly leaking your fund's proprietary operational alpha to the public cloud with every prompt.

The askOdin Standard: We deploy a completely stateless architecture. Your data rooms, financial models, and strategic notes are processed in memory within secure, isolated execution environments and immediately destroyed post-compilation. We store zero customer data.

Layer 02 — Localized Sovereign Deployment

The Reality: Multi-tenant SaaS platforms expose highly sensitive transaction pipelines to cross-contamination risks and third-party API dependencies.

The askOdin Standard: Available as a dedicated single-tenant instance or a private cloud deployment. Your transaction pipelines remain fully containerized within your firm's existing security perimeter, satisfying strict LP data residency mandates.

Layer 03 — Cryptographic Trail Generation

The Reality: A conversational chatbot history that outputs a slightly different response based on how a prompt is worded cannot survive a rigorous fiduciary audit.

The askOdin Standard: Every level 5 audit generates a deterministic, reproducible verification score anchored by cryptographic trails. If the inputs do not change, the mathematical verdict never changes — providing an unbending, auditable paper trail for regulatory compliance.

// THE SECURITY PROTOCOL

Built for the Risk Officer.

Ephemeral Processing

We do not train on your data. Period.

Enterprise Clarity deployments run on a stateless, ephemeral architecture. Decks, financial models, and cap tables are processed in ephemeral compute and purged on completion. The audit produces a Defensible Audit Log™; the substrate it ran on does not survive the session.

Encryption

Encrypted at every stage of the pipeline.

  • At rest: AES-256
  • In transit: TLS 1.3
  • API access: token-based auth with scoped permissions

Infrastructure

Enterprise-grade cloud with security and performance guarantees.

  • Compute: Google Cloud Platform (Enterprise Tier)
  • Edge: Cloudflare WAF, DDoS protection, CDN
  • Deployment: multi-tenant (emerging managers) or dedicated instance (enterprise funds)

Jurisdiction

Headquartered in Singapore — a recognized financial center under English Common Law.

  • Legal framework: Singapore Companies Act, PDPA compliance
  • IP protection: four U.S. provisional patents filed
  • Data sovereignty: processing region configurable per deployment

// SOVEREIGN-GRADE RUNTIME

The runtime is legally vetted, not just encrypted.

The JUDGE Protocol™ — askOdin's runtime circuit breaker — intercepts probabilistic hallucinations before they reach an output, isolates the offending variable, and hot-loads a corrective constraint without altering the underlying model. It is the only component of the stack to carry a national-security clearance.

Clearance

U.S. Prov. Patent No. 64/017,488
IPOS §34 National Security Clearance
Issued 2026-03-26

Compliance Roadmap

Current
  • Ephemeral Processing policy
  • AES-256 / TLS 1.3 encryption
  • Google Cloud Enterprise Tier
  • Cloudflare WAF + DDoS protection
  • PDPA (Singapore) compliance
  • IPOS §34 clearance (JUDGE Protocol)
In Progress
  • SOC 2 Type I certification
  • GDPR Data Processing Agreement
  • Penetration testing (third-party)
Planned
  • SOC 2 Type II certification
  • ISO 27001
  • On-premise deployment option

// OBJECTION HANDLING

Security & Compliance FAQ

Does askOdin train its models on the data we upload?

No. Execution is stateless, with a strict ephemeral-processing mandate. Deal documents are processed in ephemeral compute and purged on completion; they never enter any training corpus.

Is askOdin SOC 2 or ISO 27001 certified?

Current controls: ephemeral processing (no data retained), AES-256 at rest, TLS 1.3 in transit, stateless API orchestration, PDPA compliance, and IPOS Section 34 National Security Clearance. SOC 2 Type I and a GDPR Data Processing Agreement are in progress; SOC 2 Type II and ISO 27001 are on the roadmap. Documentation is available under NDA for your security review.

Will askOdin sign a DPA, and do you use Standard Contractual Clauses?

Yes — a Data Processing Agreement is available for institutional instances, with Standard Contractual Clauses for cross-border transfers. Contact the security team to initiate signing.

Where is our data processed — what data-residency options exist?

Processing region is configurable per deployment; the default jurisdiction is Singapore under PDPA, with EU and US residency available for dedicated instances.

Can askOdin run as a stateless or dedicated instance?

Yes. Institutional deployments run as stateless instances with ephemeral processing and strict data sovereignty; your proprietary deal flow is isolated to your private session and never commingled.

Who are askOdin’s sub-processors?

Enterprise-tier cloud compute (Google Cloud), edge security (Cloudflare), and a swappable model provider behind an adapter layer. The current sub-processor list is provided under NDA.

Is the output auditable and defensible to a regulator?

Yes. askOdin is a deterministic compiler, not a probabilistic black box. Every verdict produces a Defensible Audit Log with cross-document provenance — reconstructible under fiduciary inquiry or regulatory examination.

Questions about security?

We welcome security reviews and provide detailed technical documentation for your compliance team.