Trust isn't a page. It's the platform.
Every NXHub tenant inherits the same security posture as our largest enterprise deployments. Encryption, audit, disaster recovery, and regulatory reporting ship on day one — not as an upsell.
Audit-ready on day one.
NXHub launches in LATAM with the data-protection regimes your regulators actually enforce — and the global frameworks your board and auditors already trust. North America and EU activate as those markets come online.
Lei 13.709 — full data-subject rights, DPO contact, RIPD records.
ActiveANTAI personal-data oversight across every tenant.
ActiveARCO rights workflow, privacy notices, INAI-aligned controls.
ActiveHabeas Data registry, SIC reporting, consent receipts.
ActiveAAIP-aligned controls and cross-border transfer safeguards.
ActiveModernised privacy law — purpose limitation and subject access.
ActiveIndependently audited security & availability controls.
ActiveInformation-security management aligned to international standard.
ActiveCard data tokenised at Stripe — never touches NXHub systems.
ActiveEnterprise BAA + PHI-grade safeguards. Activates with US healthcare launch.
RoadmapCalifornia residents. DSAR workflow ships with the US rollout.
RoadmapEU/EEA. DPA and subprocessor list available today on request.
RoadmapEncryption everywhere
TLS 1.3 in transit, AES-256 at rest, per-tenant key scoping for storage.
Continuous audit trail
Every privileged action logged to an append-only ledger — actor, payload, outcome.
Disaster recovery
Point-in-time recovery to any microsecond within the trailing 14 days.
Full attestations, regional DPAs, and subprocessor lists available on request via the Trust Center.
Need SOC 2 reports or our DPA?
Attestations, subprocessor lists, penetration-test summaries, and the master DPA are available under NDA via the Trust Center.