TRUST CENTER

Security and data sovereignty

This page summarizes Hisar's security architecture, data-sovereignty commitments, and control-mapped controls.

Data-sovereignty commitments

  • Zero default data egress: the appliance makes no outbound calls by default.
  • Air-gap capable: fully functional offline.
  • Customer ownership: all indexes, logs, and evidence packs belong to your institution.
  • No default remote access: support access is customer-initiated, logged, and time-boxed.

Control mappings

We present our controls designed to support KVKK, BDDK, TCMB, SPK, and MASAK obligations, mapped to each regulation.

Documents & policies