
Trust & Safety

Security at PrimeVitas

Last Updated: January 1, 2026

Security is foundational to what PrimeVitas does. Our customers send us high-stakes data from legal, medical, financial, and autonomous systems. We treat that responsibility seriously. This page describes how we secure the Service and your data.

Infrastructure Security

Cloud & Network

  • AWS private cloud — no public exposure
  • ECS Fargate — no persistent compute surface
  • ALB in front of all containers
  • Container SG: port 8000 from ALB only
  • Default VPC with security group isolation
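A check for the "port 8000 from ALB only" rule, as an added example that is not PrimeVitas code: it audits a container security group, given in the shape returned by `aws ec2 describe-security-groups`, and reports any ingress that is not TCP 8000 sourced from the load balancer's group. The group IDs and both sample groups are constructed for illustration.

```python
ALB_SG = "sg-0albexample"   # constructed ID standing in for the ALB's security group
APP_PORT = 8000             # container port named in the list above

def audit_ingress(group, alb_sg=ALB_SG, port=APP_PORT):
    """Return findings for one security group; an empty list means compliant."""
    findings = []
    rules = group.get("IpPermissions", [])
    if not rules:
        findings.append("no ingress rule: the ALB cannot reach the container")
    for rule in rules:
        proto, lo, hi = rule.get("IpProtocol"), rule.get("FromPort"), rule.get("ToPort")
        # IpProtocol "-1" (all traffic) carries no ports and is flagged here too.
        if proto != "tcp" or lo != port or hi != port:
            findings.append(f"unexpected protocol/port: {proto} {lo}-{hi}")
        for r in rule.get("IpRanges", []):
            findings.append(f"CIDR source allowed: {r['CidrIp']}")
        for r in rule.get("Ipv6Ranges", []):
            findings.append(f"CIDR source allowed: {r['CidrIpv6']}")
        for r in rule.get("PrefixListIds", []):
            findings.append(f"prefix list source allowed: {r['PrefixListId']}")
        for pair in rule.get("UserIdGroupPairs", []):
            if pair.get("GroupId") != alb_sg:
                findings.append(f"non-ALB group allowed: {pair.get('GroupId')}")
    return findings

# Constructed samples shaped like `aws ec2 describe-security-groups` output.
GOOD_SG = {"GroupId": "sg-0appexample", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8000,
     "IpRanges": [], "Ipv6Ranges": [], "PrefixListIds": [],
     "UserIdGroupPairs": [{"GroupId": ALB_SG}]}]}
BAD_SG = {"GroupId": "sg-0appexample", "IpPermissions": [
    {"IpProtocol": "tcp", "FromPort": 8000, "ToPort": 8000,
     "IpRanges": [{"CidrIp": "0.0.0.0/0"}],
     "UserIdGroupPairs": [{"GroupId": ALB_SG}]},
    {"IpProtocol": "tcp", "FromPort": 22, "ToPort": 22,
     "UserIdGroupPairs": [{"GroupId": "sg-0bastionexample"}]}]}

if __name__ == "__main__":
    for name, sg in (("GOOD_SG", GOOD_SG), ("BAD_SG", BAD_SG)):
        print(name, audit_ingress(sg) or "compliant")
```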

Data Protection

  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Zero document retention post-verification
  • Secrets via AWS Secrets Manager
  • No plaintext credentials in environment

Container Security

  • Private ECR registry — not publicly accessible
  • Scan-on-push for all container images
  • Images tagged by git SHA — full audit trail
  • Multi-stage Dockerfile — minimal attack surface

Access Control

  • API key authentication on all endpoints
  • IAM least-privilege roles (ECS + task separation)
  • No SSH access to running containers
  • CloudWatch logging — 30-day retention

API Security

Every request to the PrimeVitas API — except the public /v1/health endpoint — requires a valid API key sent as a Bearer token. Keys are scoped to your account and can be rotated at any time from your dashboard.

  • HTTP 401 returned for missing or invalid keys
  • HTTP 402 returned when monthly usage limit is exceeded
  • Rate limiting enforced per API key
  • All traffic served over HTTPS — HTTP requests are rejected
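The gate described above, sketched as an added example rather than PrimeVitas's implementation: the health endpoint is exempt, a missing or invalid Bearer key yields 401, and a valid key that has used up its monthly limit yields 402. The key store, the sample keys, the `/v1/verify` path used in testing, and the choice to store only SHA-256 digests of keys are assumptions.

```python
import hashlib
import hmac

PUBLIC_PATHS = {"/v1/health"}   # the only unauthenticated endpoint named on this page

def digest(key: str) -> str:
    return hashlib.sha256(key.encode()).hexdigest()

# Hypothetical key store: digests of constructed keys mapped to usage counters.
KEYS = {
    digest("pv_constructed_key_A"): {"used": 10, "monthly_limit": 1000},
    digest("pv_constructed_key_B"): {"used": 1000, "monthly_limit": 1000},
}

def authorize(path: str, headers: dict, keys: dict = KEYS) -> int:
    """Return the HTTP status the gate produces before any handler runs."""
    if path in PUBLIC_PATHS:
        return 200
    # Header names are case-insensitive, so normalize before the lookup.
    headers = {name.lower(): value for name, value in headers.items()}
    scheme, _, token = headers.get("authorization", "").partition(" ")
    token = token.strip()
    if scheme.lower() != "bearer" or not token:
        return 401
    presented = digest(token)
    account = None
    for stored, record in keys.items():
        # Constant-time comparison, and no early exit once a match is found.
        if hmac.compare_digest(stored, presented):
            account = record
    if account is None:
        return 401
    # Authentication is decided first, so an unknown key never learns about quotas.
    # Assumption: a key already at its limit would exceed it with this request.
    if account["used"] >= account["monthly_limit"]:
        return 402
    return 200

if __name__ == "__main__":
    print(authorize("/v1/verify", {"Authorization": "Bearer pv_constructed_key_A"}))
```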

Zero Data Retention

The content you submit for verification — legal text, medical records, financial transactions, autonomous vehicle decisions — is processed in memory and discarded immediately after a result is returned. We have no stored copy of what you verified. Our logs record only that a verification occurred, the verdict, the latency, and the API key identifier.

This is a core design decision, not an afterthought. In regulated industries, the data you send us is often the most sensitive data you have. We do not want it, and we do not keep it.

Stateless Architecture — What This Means Specifically

For enterprise customers in regulated industries — legal, medical, financial, government — the following is a precise description of what happens to your data during a PRIME21 verification call:

  • No document content is written to disk. Verification requests are processed entirely in memory within the running container. Nothing is persisted to any storage layer.
  • No document content appears in logs. CloudWatch logs record: timestamp, API key identifier (hashed), endpoint called, verdict returned, and latency. Document content, attorney names, matter identifiers, and client data are never written to any log.
  • No cached copies. There is no caching layer that retains request content. Each verification call is independent and ephemeral.
  • No crash-dump retention of input material. Container crash reporting does not capture request payloads.
  • No telemetry that includes client data. Usage analytics record call volume, endpoint distribution, and latency — not content.
  • The CLAUDIT audit record contains the verdict, timestamp, and attorney credential — not the document. The audit ledger is a record of what was verified and who verified it, not a copy of what was submitted.

The verification call is ephemeral by architecture, not by policy. There is no configuration option that enables retention. There is no database table for document content. There is nothing to subpoena, compel, or breach.
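One way to enforce a metadata-only log schema like the one listed above, as an added example and not PrimeVitas code: the record is built from an allowlist, so request content has no path into the log line, and oversized values in allowed fields are rejected. The field names, the sample event, and the use of a keyed hash (HMAC-SHA-256) where the page says only "hashed" are assumptions.

```python
import hashlib
import hmac
import json

# Allowlist mirroring the fields this page says are logged (names are hypothetical).
ALLOWED = ("timestamp", "endpoint", "verdict", "latency_ms")
MAX_LEN = 64                                # metadata is short; documents are not
LOG_HMAC_KEY = b"constructed-demo-secret"   # assumption: secret kept outside the logs

def key_identifier(api_key_id: str) -> str:
    """Keyed hash, so a logged identifier cannot be matched by guessing key IDs."""
    mac = hmac.new(LOG_HMAC_KEY, api_key_id.encode(), hashlib.sha256)
    return mac.hexdigest()[:16]

def build_log_record(event: dict) -> str:
    """Serialize only allowlisted scalar fields; everything else is dropped."""
    record = {}
    for name in ALLOWED:
        value = event.get(name)
        if isinstance(value, bool) or not isinstance(value, (str, int, float)):
            raise ValueError(f"missing or non-scalar field: {name}")
        if isinstance(value, str) and len(value) > MAX_LEN:
            # Stops content being smuggled through an allowed field.
            raise ValueError(f"field too long to be metadata: {name}")
        record[name] = value
    record["api_key_id"] = key_identifier(event["api_key_id"])
    return json.dumps(record, sort_keys=True)

# Constructed event: what a handler might hold in memory at the end of a call.
SAMPLE_EVENT = {
    "timestamp": "2026-01-01T00:00:00Z",
    "endpoint": "/v1/verify",               # hypothetical endpoint name
    "verdict": "pass",
    "latency_ms": 0.8,
    "api_key_id": "key_constructed_123",
    "document": "CONFIDENTIAL: constructed sample text",
    "attorney_name": "Constructed Name",
    "matter_id": "M-0000",
}

if __name__ == "__main__":
    print(build_log_record(SAMPLE_EVENT))
```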

No Sub-Processor Chain

PRIME21 does not route customer data through third-party AI providers, translation services, support platforms, or any other sub-processor. Verification runs on PrimeVitas-controlled infrastructure. There is no chain of vendors receiving your data. There is no privacy policy from a sub-processor that permits government disclosure — because there is no sub-processor.

For enterprises deploying PRIME21 on-premises: customer data never leaves the customer's own infrastructure at all. The verification engine runs inside your environment. PrimeVitas receives only the CLAUDIT audit record — the verdict and metadata — not the content that was verified.

On-Premises Deployment

Enterprise customers in regulated industries can deploy PRIME21 entirely within their own infrastructure — on-premises or in a private cloud environment they control. In this configuration:

  • No customer data transits PrimeVitas infrastructure at any point
  • The verification engine runs on customer-controlled hardware
  • The CLAUDIT audit ledger is maintained within the customer's own systems
  • PrimeVitas has no access to customer data, matters, or documents

On-premises deployment is available under the Platform tier. Contact info@primevitas.ai for architecture documentation and deployment requirements.

API Documentation Disabled in Production

Automatic API documentation (Swagger/OpenAPI UI) is disabled in production, so unauthorized parties cannot discover endpoints through the standard framework defaults.

Responsible Disclosure

We take security reports seriously. If you believe you have found a security vulnerability in the PrimeVitas Service, please report it to us privately before public disclosure. We commit to:

  • Acknowledging your report within 48 hours
  • Keeping you informed of our progress toward a fix
  • Not taking legal action against researchers acting in good faith
  • Crediting responsible disclosures (with your permission)

Please do not access, modify, or exfiltrate data that does not belong to you. Limit testing to your own account and API keys.

To report a security vulnerability, email info@primevitas.ai

Please encrypt sensitive reports using PGP if possible. Key available on request.

For general security questions, use the same address.

© 2026 PrimeVitas AI. All rights reserved.

Amazon Web Services, AWS, and "Powered by AWS" are trademarks of Amazon.com, Inc. or its affiliates. Cloudflare and the Cloudflare logo are trademarks of Cloudflare, Inc. SOC 2 is a trademark of the AICPA. "ISO 27001 Aligned" and "HIPAA Ready" indicate internal adherence to these frameworks and do not imply third-party certification unless an official certificate is provided upon request.
