Data Security Statement — Stillstone Vault

This statement is a placeholder. The complete Data Security Statement is to be finalised prior to public launch, including specification of infrastructure providers and independent audit information.

Summary

All Stillstone vault data is protected through multiple layers of security. The following measures are in place or will be confirmed prior to launch.

Encryption

Encrypted in transit: TLS 1.3
Encrypted at rest: AES-256 or equivalent

Isolation

Each vault is stored in an isolated database environment. Cross-vault data access is not technically possible within the system architecture.

Backup and Replication

Vault data is backed up and replicated according to industry best practice. Backup integrity is tested on a regular schedule.

Access Controls

Stillstone staff cannot access vault contents without explicit, authenticated client consent. Access logs are maintained and auditable.

Infrastructure

Vault data is held on secure infrastructure within Australia and/or globally distributed cloud environments with appropriate data residency controls. Specific infrastructure providers will be disclosed in the final statement.

Testing and Integrity

Infrastructure integrity is tested monthly. Security practices are reviewed on an ongoing basis.

Incident Response

Stillstone maintains an incident response procedure. Clients will be notified of any material security incident in accordance with applicable law.