Signio | Trust Center
Signio

From tenant isolation to EU data residency, Signio enforces strict standards to keep your firm's data private and every answer traceable to its source. This page describes what is in place today.

Overview Controls Sub-processors FAQ
Overview

Signio is built for confidential commercial real estate work. Every firm is isolated at the database layer, data is encrypted and held in the EU, and answers are drawn only from your own documents with their sources shown. Your data is never used to train AI models, and deleting a document removes it permanently.

Contact
Policies
Certifications
None held today — see the FAQ.

Controls

Last updated July 2026
Separation between firms
The strongest guarantee Signio makes, and the one tested most directly.
ControlDetail
Tenant isolation

Each firm is a separate tenant. No firm can read, search, or reach another firm's documents, notes, or conversations.

How we do it
Private per-firm storage

Uploaded documents are stored in a private container belonging to a single firm, reachable only by that firm's signed-in users.

How we do it
Verified isolation

Isolation is tested directly against the running system, in both directions.

How we do it
Access and authentication
Access follows the accounts your IT team already controls.
ControlDetail
Work-account sign-in

Access requires your organisation's own Microsoft account. Personal accounts are rejected.

How we do it
Per-request verification

Every request is verified against your firm's identity before any data is read or written.

How we do it
Least-privilege application access

The account Signio uses to reach your data cannot cross firm boundaries or escalate its own permissions.

How we do it
Restricted staff access

Signio staff access customer content only where needed to operate, support, or secure the service, or where legally required.

How we do it
Infrastructure and encryption
Encrypted, EU-based, and built without stored secrets.
ControlDetail
Encryption in transit

All traffic between you and Signio is encrypted.

How we do it
Encryption at rest

Stored documents and data are encrypted at rest on Microsoft Azure.

How we do it
EU data residency

Data is stored in Sweden. All processing, including the AI that generates your answers, stays within the European Union.

How we do it
No stored credentials

Signio holds no passwords, keys, or connection strings in its code.

How we do it
Grounded AI
Built for confidential legal and real-estate material.
ControlDetail
Organisation-scoped retrieval

Signio can search only your own firm's documents. It has no route to another firm's material.

How we do it
Traceable answers

Signio answers from your documents and shows the sources behind every response. Where it does not have the answer, it says so rather than guessing.

How we do it
No model training

Your documents are not used to train or improve any AI model, and are never used to answer another firm's questions.

How we do it
Auditability and deletion
A clear record of what happened, and deletion that is permanent.
ControlDetail
Audit record

Key actions, including changes and deletions to documents, are recorded.

How we do it
Permanent deletion

Deleting a document removes the file immediately, with no retained copy.

How we do it

Sub-processors

The service providers involved in running Signio. We publish them so you always know who touches your data. All are Microsoft Azure services, in the EU.

ProviderPurpose
Microsoft Azure — OpenAI Service
The AI models that generate answers.
Microsoft Azure — Document Intelligence
Reads and extracts text from uploaded documents.
Microsoft Azure — Blob Storage
Stores your uploaded files (private, per firm).
Microsoft Azure — Database for PostgreSQL
Stores your workspace data.
Microsoft Entra ID
Handles sign-in with your work account.
Microsoft Azure — Application Insights
Collects application logs, errors, and request metadata to operate and secure the service. No document content.

FAQ

What encryption do you use?

Data is encrypted in transit using modern TLS, and at rest on Microsoft Azure with AES-256.

Who can access our data?

Your data is reachable only by your firm's own signed-in users. Every firm is kept separate from every other, and we've tested that separation directly. Our own team accesses your content only when it's needed to operate, support, or secure the service, or where we're legally required.

Does the AI learn from or train on our data?

No. Your documents are used only to answer your own questions — never to answer another firm's — and they're not used to train or fine-tune any AI model: we don't fine-tune on your data, and our AI provider commits the same in its terms.

Where is our data stored?

On Microsoft Azure. Your data is stored in Sweden, and all processing — including the AI — stays within the European Union.

What happens to our data if we stop using Signio?

You can delete any document at any time, and that deletion is permanent. A full self-serve account export or deletion on exit isn't automated yet — for now, we handle off-boarding with you directly, so you get what you need before anything is removed.

Is Signio independently certified?

No. Signio holds no independent security certifications today. Certification is a goal, and the controls described here are built and documented with it in mind, but we have not set a date. Everything on this page is in place and running now — we're happy to walk you or your IT team through any of it in detail.