AI Trust and Compliance
Built on a foundation of
security and responsibility.
SolaraIMPACT is built on a foundation of security, transparency, and responsible AI — so your team can focus on the work. Updated March 2026.
SOC 2 Type II
Security, Availability and Confidentiality. Audited by Accorp Partners CPA LLC. No Exceptions Noted.
EU AI Act Compliant
Limited Risk classification. Full Article 50 transparency obligations applied.
GDPR Ready
Data Processing Agreement available. Sub-processor transparency. Data subject rights supported.
Zero AI Training
We never train AI models on your data. Neither do our model providers via our API configurations.
EU AI Act
EU AI Act Compliance
SolaraIMPACT is classified as a Limited Risk AI system under Regulation (EU) 2024/1689. This means:
-
Not a high-risk AI system
SolaraIMPACT is not used for employment decisions, biometric identification, credit scoring, law enforcement, or any other high-risk category.
-
Full Article 50 transparency
All AI-generated content is clearly labeled as AI-generated within the platform.
-
Formal Risk Assessment complete
We have completed a formal Risk Classification and Compliance Assessment, available to enterprise customers on request.
-
Comprehensive documentation
We maintain a full EU AI Act compliance documentation set including Risk Classification Assessment, AI System Technical Description, Human Oversight Policy, Post-Market Monitoring Plan, and AI Incident Response Procedure.
Classification: Limited Risk
SolaraIMPACT meets the transparency and documentation requirements under Article 50 of the EU AI Act.
All compliance documentation is available for direct download in the Documents section below.
AI Transparency
AI Transparency
SolaraIMPACT is an AI-powered platform. We are transparent about exactly how AI works in our product.
What AI does in SolaraIMPACT
- Analyzes your inputs (briefs, objectives, market context) and generates strategic recommendations, content, and analyses
- Powers 21+ specialized solutions for marketing and PR workflows
- Produces advisory outputs that your team reviews, edits, and uses — never autonomous actions
What AI does NOT do
- Make decisions without your review — all outputs require human approval before any external use
- Train on your data — we use zero-data-retention API configurations with all model providers
- Store your prompts with model providers — your data stays within our Azure infrastructure
AI Models We Use
| Provider | Model | Use Cases | Trust and Security |
|---|---|---|---|
| Anthropic | Claude | Strategic analysis, content generation, workflow planning | trust.anthropic.com |
| Gemini | Search-integrated research, competitive intelligence | cloud.google.com/security | |
| OpenAI | GPT | Specialized analysis, alternative perspectives | trust.openai.com |
| xAI | Grok | Real-time web search, news and social intelligence | x.ai/security |
Security
Security
SOC 2 Type II Certified. Infrastructure on Microsoft Azure. Here is how we protect your data.
Encryption
TLS 1.2+ in transit, AES-256 at rest across all data stores (Cosmos DB, file storage, Redis).
Access Control
Role-based access, user-level data isolation, MFA via Clerk (SAML 2.0, OIDC, OAuth 2.0).
Infrastructure
100% Microsoft Azure. Inherits Azure's SOC 1/2/3, ISO 27001, and FedRAMP High certifications.
Monitoring
24/7 Azure monitoring, application health checks, 99.5% uptime target, incident response SLA.
Your Data
Your Data
You own it. We protect it. We never misuse it.
Data Ownership
You retain full ownership of all inputs and AI-generated outputs. We claim no rights over your content.
Data Residency
Hosted on Microsoft Azure East US 2. EU data residency available on request for customers with specific requirements.
Data Deletion
30-day retrieval window after subscription ends. Delete specific jobs or all your data at any time on request.
Certifications
Certifications and Standards
| Standard | SolaraIMPACT | Azure | Anthropic | OpenAI | |
|---|---|---|---|---|---|
| SOC 2 Type II | ✓ | ✓ | ✓ | ✓ | ✓ |
| ISO 27001 | Via Azure | ✓ | ✓ | ✓ | ✓ |
| ISO 42001 (AI) | Via Anthropic/Google | — | ✓ | — | ✓ |
| FedRAMP | Via Azure | ✓ (High) | — | — | ✓ (High) |
| GDPR | ✓ (DPA available) | ✓ | ✓ | ✓ | ✓ |
| EU AI Act | ✓ (Limited Risk) | — | ✓ | ✓ | ✓ |
| No API Training | ✓ | — | ✓ | ✓ | ✓ |
Documentation
Compliance Documentation
All compliance documents are publicly available for immediate download. No request needed.
GDPR-compliant DPA including Standard Contractual Clauses for EU-US data transfers.
↓ Download PDFHow we collect, use, store, and protect your data. Covers data subject rights, retention, and international transfers.
↓ Download PDFOur EU AI Act Article 50 obligations: how AI-generated content is disclosed to users within the platform.
↓ Download PDFComplete list of sub-processors including AI model providers, infrastructure, authentication, and payments.
↓ Download PDFFormal classification of SolaraIMPACT as a Limited Risk AI system.
↓ Download PDFArchitecture overview, LLM integrations, data flows, and safety measures.
↓ Download PDFHow SolaraIMPACT ensures human review over all AI outputs.
↓ Download PDFOngoing AI performance tracking and continuous improvement.
↓ Download PDFIncident classification and regulatory reporting procedures.
↓ Download PDFInput data handling, retention, and data quality standards.
↓ Download PDFSOC 2 Type II Report is available under NDA — contact us to request access.
Contact
Questions?
We are here to help with any security and compliance inquiries.
Security and Compliance
privacy@solaracloud.ai
General Questions
contact@solaracloud.ai
Response Times
We respond within 48 hours and provide substantive responses within 5 business days.