Arkna is built to need as little of your data as possible. PII is redacted by default, your records stay in your tenant, and what Arkna keeps is structured to be verified, not mined.
The record proves what happened while holding as little personal data as possible. Identity stays in your tenant, not in the record.
You own the data. You export it, you delete it. Only de-identified aggregates ever leave, and only if you opt in.
Personal data is stripped at the boundary before it reaches the record. Capturing it is the exception, not the default.
Your records remain in your environment. Only de-identified aggregates leave, and only when you opt in.
Export or delete the record at any time. Access, retention and export are scoped to the workflow under review.
The managed service runs in the cloud region you choose, so your data stays where your rules require. Stricter deployment options are available on request.
We don't claim certifications we don't hold. There's a difference between a standard Arkna is certified against and a framework Arkna maps evidence to. We keep it.
We will say "certified" only once we are.
A crosswalk: Arkna pre-maps evidence to these. It is not certification under them.