Trust Centre

Evidence before promises.

A buyer-focused view of Provium's security posture, privacy architecture, compliance status, and proof evidence. Use this page to understand what is live, what is planned, and what should be reviewed before go-live.

Request evidence packReview security model

◆ Claim status

Clear status labels for buyer review

Provium should be evaluated on explicit evidence, not broad certification language. These are the current public positions.

Proof, not document storage

Built into architecture

Provium is designed around signed receipts, selective disclosure, and data minimisation so businesses can verify identity without creating a vault of passport scans.

UK GDPR / GDPR posture

Aligned by design

Product flows are designed around consent, minimisation, retention controls, and auditable evidence rather than broad personal-data collection.

eIDAS evidence pathway

Alignment path

Provium Sign creates identity-bound signing evidence and supports a qualified-signature pathway where applicable; final signature status depends on deployment and provider setup.

SOC 2 readiness

Planned, not certified

Security controls and operational evidence are being prepared for audit readiness. Provium does not currently present a completed SOC 2 Type II certificate.

◆ Evidence links

Where to review the proof

Procurement, legal, security, and engineering teams need different evidence. These links group the strongest current assets.

Before production go-live

Ask Provium for a deployment-specific evidence pack covering data flows, controls, claim scope, retention, and legal basis for your use case.

Security model

Review the high-level security architecture, cryptographic posture, controls, and assessment roadmap.

Open

Compliance matrix

See supported frameworks, current status labels, and where claims are aligned, supported, pending, or planned.

Open

Developer integration

Review the API-first proof flow, sandbox path, OpenAPI positioning, and webhook integration overview.

Open

Demo and evidence pack

Request sample audit artefacts, proof receipts, integration walkthroughs, and procurement answers from the Provium team.

Open

◆ Not claimed today

Trust also means knowing the limits

These boundaries are intentionally explicit to reduce procurement friction and avoid overclaiming.

No public SOC 2 Type II certificate is claimed today.

No public ISO 27001 certificate is claimed today.

Qualified-signature outcomes depend on jurisdiction, provider setup, and deployment configuration.

Industry-specific compliance support should be validated against your legal and regulatory requirements before go-live.

Need the evidence behind a specific claim?

Send your security, legal, or procurement questions and we'll route them to the right owner.

Ask for evidence