Architectural controls,
not unsupported promises
Decisionproof treats your run data as sensitive, your audit trail as load-bearing, and your payment information as not ours to store. The controls below are design-level — they are not third-party certifications, and we don't pretend otherwise.
Every run is logged
All runs are recorded with a full input → state transitions → result → settlement trace. You can export the complete audit log at any time from your dashboard — no request needed, no TTL on the data.
WORM-protected evidence storage
Audit evidence is written to a write-once, read-many (WORM) S3 bucket. Records cannot be modified or deleted after creation — not by the application, not by an operator mistake.
PayPal-only payments
Decisionproof does not store card numbers or payment credentials. All payment processing is handled by PayPal. Card payment may be available through PayPal guest checkout for eligible buyers, depending on the flow PayPal presents.
API-key auth — no OAuth complexity
Access to the run API is controlled via API keys you create and revoke from your dashboard. Keys can be rotated instantly. No OAuth flows, no token refresh logic to manage on your side. (Sign-in to the dashboard itself uses Google OAuth.)
Deterministic recovery
Runs follow an idempotent state machine with lease-based workers, staged finalize, and a reaper reconciliation loop. Recovery from crashes, timeouts, and retries is deterministic by design — not a claim about AI inference determinism.
Spend caps & receipts
Every run has a hard spend cap. Budget is reserved before work starts. Cost is committed only when the result artifact and its receipt metadata are captured — no receipt, no settlement.
Tenant data isolation
Your run data is scoped to your workspace. There is no shared data layer across tenants. API keys only authorize access to your own tenant's runs, receipts, and audit records.
A note on private beta
Decisionproof is in paid private beta. The service runs on AWS (EKS, RDS, ElastiCache, S3) using production-grade configuration, but we do not publish uptime SLAs during the beta period. APIs, limits, and operational defaults may change.
We do not claim third-party compliance certifications or regulatory coverage during the paid private beta. The controls on this page are architectural — not certifications. If your use case requires a named certification, Decisionproof may not be the right fit at this time.
If you experience an outage or unexpected behaviour, contact ghilplip934@gmail.com. We respond within 1 business day. Commercial refund requests are reviewed case-by-case within 48 hours of purchase; non-waivable consumer-protection rights in your jurisdiction are preserved separately — see the billing FAQ and the Terms of Use.
Questions about security?
We respond to all security and compliance enquiries within 1 business day.