GDPR / UK GDPR
AIQCAT operates as controller and, for enterprise customers, as processor under a documented Data Processing Addendum implementing EU SCCs and the UK IDTA.
Security
ISO/IEC 27001 — ISMS in operation, certification in process.
AIQCAT operates an information security management system (ISMS) aligned with the ISO/IEC 27001 control set. A formal certification audit is being arranged with an accredited certification body.
ISO/IEC 27001 — alignedCertification — in processGDPR · UK GDPR · APPI
Regulatory positioning
How AIQCAT positions itself.
AIQCAT is built to satisfy the requirements of the major data-protection and AI-governance regimes in the jurisdictions it operates in.
Japan's APPI
Personal information is processed under APPI requirements, with Tokyo data residency available.
US state privacy laws
A unified data-subject-rights process covers applicable US state privacy regimes.
AI governance
Evaluator-engine behaviour is monitored post-deployment, including drift, incident, and complaint handling.
Operating entity
Corporate information.
AIQCAT is operated by KandaQuantum Inc.. Corporate filings and any entity-level certifications are matters of the operating company.
Transparency
Transparency reporting.
AIQCAT publishes a transparency summary covering grading consistency, cohort distribution, and calibration activity. Anonymised, aggregate figures are shared as each cycle completes.
Need a security questionnaire or DPA?
Write to certification@aiqcat.org. We will be transparent about which controls and contracts are in place and which are still in progress.
certification@aiqcat.org →