Trust

Public posture. Gated detail. One place to find both.

Privacy, security, AI behaviour, and sub-processor disclosure for the PrimeTDAP platform — published in full. Deeper documentation for procurement, legal, and security review is shared on request under NDA.

On request

Documents we share under NDA.

These cover the operational, architectural, and contract-template detail that's appropriate to share with named procurement / legal / security teams but not to publish openly.

  • Data Processing Agreement (full text)

    The complete 18-section template that is countersigned as an addendum to the MSA. Suitable for legal review prior to a contracted engagement.

    Emailed under NDA

    Request
  • Security & Compliance documentation pack

    Information Security Policy, Access Control Policy, Encryption Standards, Incident Response Plan, BCP/DR Plan, Data Retention Policy, AI Use Policy, and supporting policies (21 documents in total).

    Emailed under NDA

    Request
  • Security Architecture Document

    Full architectural detail of the platform — control planes, isolation boundaries, dependency diagram, threat model. Goes deeper than what's on the public Security & Compliance page.

    Emailed under NDA

    Request
  • Sub-Processor change notifications

    Subscribe to receive 45-day prior-notice emails when our sub-processor list changes.

    One-time confirmation email; ongoing notifications as changes occur

    Request

Already a customer? Active customers receive the doc pack automatically at engagement start and on every material update.

Standards alignment

What we align to.

Controls aligned to SOC 2, ISO 27001, ISO 42001, OWASP Top 10, NIST AI RMF, and NIST SP 800-61. EU AI Act classified per surface. Posture is stated as aligned when controls are in place but no third-party audit has been completed, and as certified only after audit. A formal certification readiness assessment for SOC 2 and ISO 27001 is underway.

Reporting channels

Where to send what.

Security incidents

Suspected unauthorized access, data exposure, anomalous AI behaviour, or any concern with platform security posture.

security@primussoft.com

Privacy & legal

Data Subject Access Requests, privacy questions, contract questions, sub-processor objections, AI compliance concerns.

legal@primussoft.com

General

Engagement inquiries, demo requests, partnership conversations.

hello@primussoft.com

Procurement-ready documentation, on request.

If you're evaluating PrimeTDAP for an upcoming engagement — assessment, audit-readiness, or due-diligence — the fastest path to the full posture is to request the doc pack, shared by email under NDA.