Security & compliance
Most of your security questionnaire, answered up front.
PetroBrain handles safety-critical operational data, so security isn’t a feature — it’s the foundation. Here’s where your data lives, how it’s protected, and the boundaries the system operates within. Every claim below is stated precisely: we say “alignment” where we’ve designed to a standard, and “certified” only where a certificate has been issued.
Data residency
Choose where your data lives.
Residency is a configuration, not a renegotiation. Three deployment shapes, depending on your sovereignty and IT requirements:
On-prem / sovereign
Deploy the operational tier entirely within your own data centre or national boundary. For operators with data-sovereignty obligations, residency is a deployment choice — not a special case.
In-region cloud
Hosted in the cloud region you choose; your data stays in that region. Suited to operators who want managed hosting without leaving their jurisdiction.
Hybrid (default)
General knowledge and public data in the cloud tier; your documents, historian replica, calculation engine and operational data on-prem behind your OT firewall.
Encryption
Encrypted in transit and at rest.
- In transit: TLS 1.2+ for all connections, with modern cipher suites. No plaintext transport.
- At rest: AES-256 encryption for stored data and backups.
- Key management: Keys managed in a dedicated key-management service; rotation supported. Customer-managed keys available for on-prem deployments.
- Secrets: No secrets in client code. Server-only credentials; market-feed keys held on the customer’s behalf, never exposed to the browser.
Standards
IEC 62443 & ISO/IEC 27001 alignment.
IEC 62443
Our security design follows the IEC 62443 framework for industrial automation and control-system security — segmentation, least privilege, and a read-only posture toward OT.
ISO/IEC 27001
Our information-security management practices are designed to align with ISO/IEC 27001 — risk management, access control, and operational security controls.
Alignment, stated honestly
OT posture
No control path
Read-only toward OT. It never actuates anything.
PetroBrain reads from a read-only historian/SCADA replica. There is no write path from the system into your control environment — it cannot set a value, open a valve, or move a single piece of plant. Data flows one way, out of OT, across a segmented boundary.
Read-only replica
It consumes a replica of historian/SCADA data — not a live connection to controllers.
One-way data flow
Operational data moves out of OT for reasoning; nothing flows back as a command.
Segmented boundary
The operational tier sits behind your OT firewall, isolated from the control network.
Tenant isolation
Your data stays yours.
- Each customer runs in a dedicated, logically isolated tenant — data is never commingled across customers.
- Your operational data is processed on your behalf, within your tenant; it is not used to train shared or third-party models.
- Role-based access control governs who can see and do what, with least-privilege defaults.
Audit logging
Provable, not just plausible.
- Every answer is reconstructable — traceable to the documents it drew on and the figures it cited.
- Access, administrative actions and configuration changes are logged.
- Logs are exportable to support your own audit, SIEM and review processes.
Sub-processors
Who else touches the data.
The third parties that may process data on our behalf, and why. We notify customers of material changes to this list.
| Sub-processor | Purpose | Region |
|---|---|---|
| [Cloud infrastructure provider] | Hosting & compute for the cloud knowledge tier | [Customer-selected region] |
| [LLM/model provider] | Language reasoning (no operational data retained for training) | [Region] |
| [Email / notification provider] | Transactional email (e.g. demo requests) | [Region] |
| [Analytics — Plausible] | Privacy-respecting, cookieless web analytics | [EU] |
Placeholder list — replace bracketed entries with the actual sub-processors and regions before publishing.
Data rights & residency
You own your data. We’re explicit about every other case.
You own it
Your operational data is yours. PetroBrain processes it only within your tenant and on your behalf — never sold, never used to train shared models.
Your licence, on your behalf
If you connect a paid market feed (e.g. Platts, Argus), PetroBrain reasons over it under your subscription and licence. We don’t resell anyone’s data.
Governed by the DPA
Any use of anonymized, aggregated data to build benchmarks is governed by our Data Processing Agreement — with de-identification guarantees and opt-out terms.
Data Processing Agreement
The full DPA, including the anonymized-aggregate clause and your opt-out rights.
Placeholder link — point “Download PDF” at the hosted DPA document when ready.
Bring your security team to the demo.
We’ll walk your IT and OT reviewers through the architecture, the controls, and the data-rights model — and answer the questionnaire live.