# The security review, before you ask.

> How Discentra protects trader data: what it collects, how it is encrypted, who processes it, and the signed documents that prove it. Coaching, not financial advice.

Discentra is a B2B AI voice coaching platform for prop trading firms, brokers, and crypto exchanges. It detects behavioural triggers in real time and places an AI coaching call to the trader within 5 seconds. This page is written for the security, risk, and engineering teams who assess Discentra during procurement.

## What we collect, and what we never touch

Scope is the first security control. The behavioural engine runs on six fields and nothing else.

**Collected:**

- Pseudonymised trader ID
- Trade timestamps
- P&L per trade
- Trade size
- Instrument symbol
- Phone number, field-level encrypted

**Never collected:**

- Account balances
- Net worth
- Government IDs
- Card numbers
- Home addresses

## Encryption and data handling

The defaults your DPA will hold us to.

- **Recordings.** Every call recording is encrypted with AES-256-GCM.
- **Phone numbers.** Field-level encrypted, and deleted within 30 days of a trader leaving the cohort.
- **In transit.** TLS on every connection between your platform and Discentra.
- **Retention.** 90-day default for recordings, transcripts, and SMS logs. Up to 7 years where FCA or ASIC clients require it.
- **Erasure.** GDPR erasure requests completed within 30 days.
- **Residency.** EU-region database provisioned per client engagement. Trader data never sits in general business tooling.

## Compliance, signed and maintained

A signed governance suite, reviewed on a schedule and available under NDA.

- **Data protection impact assessment.** Processing risks assessed and mitigated, with a standing review date.
- **Record of processing activities.** Every processing activity and sub-processor on the record.
- **EU AI Act Article 50 assessment.** Disclosure obligations mapped. Every call announces that it is AI.
- **Transfer impact assessment.** Cross-border transfer routes assessed and documented.
- **Information security policy.** MFA on every account, device security, key handling, access registers.
- **Breach-response runbook.** A documented incident protocol with a 72-hour ICO notification path.
- **Data retention schedule.** Retention periods and deletion methods, defined per data class.

Registered: ICO registration ZC108503. Company No. 16098798 (United Kingdom).

Operating rules:

- A DPA is signed before any data transmission.
- Trader consent is collected before any call, SMS, or recording.
- A crisis escalation contact is a hard prerequisite. No deployment without one.
- Every call includes an AI disclosure, per EU AI Act Article 50.

## Infrastructure and sub-processors

Who touches trader data, and whose certificates they hold.

| Vendor | Role | Security posture |
|---|---|---|
| Retell AI | Voice platform | SOC 2 Type II certified. HIPAA and GDPR compliant. Runs on AWS infrastructure. Zero-data-retention agreements with OpenAI, ElevenLabs, and Anthropic. |
| Supabase | Database | ISO 27001 certified (the certificate is held by Supabase, not by Discentra). EU-region hosting, daily backups, point-in-time recovery. |
| Model layer | LLM, via Retell | GPT-4.1 primary with Claude as fallback, orchestrated through Retell under zero-data-retention with every model provider. |
| Twilio | Telephony | SOC 2 Type II for voice. ISO 27001, PCI DSS, HIPAA, and GDPR compliant. Phone numbers stay inside production-data controls. |

These certifications belong to the vendors named above, not to Discentra. Our own assurance is the signed governance suite and the DPA that binds it. The full sub-processor list ships with the DPA.

## Built for breach

Zero-trust design for an AI agent that handles trader data on behalf of regulated firms. Three principles:

- **Never trust, always verify.** Every access request is authenticated and authorised, regardless of origin.
- **Assume breach.** The platform is designed to contain damage when a compromise occurs, not only to prevent one.
- **Least agency.** Each agent receives the access its function requires, and nothing more.

The design test for every control: does it make an attack impossible, or only tedious? We prefer removing a capability over slowing an attacker down.

- **Least agency in practice.** The voice agent can place a coaching call and write call records for its own tenant. It holds no send or delete rights on unrelated systems and no cross-tenant access.
- **Per-tenant isolation.** Multi-tenant isolation seals each client off from every other client. Identity-based first, with network segmentation as the backstop.
- **Append-only audit trail.** Every agent action is logged with agent identity, timestamp, and the trigger that fired it. Each coaching call traces back to its cause, which supports EU AI Act explainability and 7-year retention where FCA or ASIC clients require it.
- **Short-lived credentials.** Service access uses short-lived, scoped tokens with automatic refresh. Static API keys do not exist in production. MFA is enforced on every human and administrative account.
- **Untrusted input, by default.** Trader SMS replies are treated as untrusted input and validated before they can influence the agent. Output filtering and the coaching-not-advice boundary are enforced in the architecture, with crisis detection and jailbreak blocking at the voice layer.

Discentra builds the production platform per client engagement. The governance suite above is signed and operational today. Platform controls are designed in and delivered with the build at your tier, and in diligence we mark which is which.

## Frequently asked questions

**Where is trader data stored?** Production trader data lives in a Supabase EU-region database provisioned for your engagement, with daily backups and point-in-time recovery. Voice processing runs through Retell AI on AWS infrastructure under zero-data-retention agreements with the model providers. Telephony runs through Twilio. Trader data is never stored in general business tooling.

**Is Discentra ISO 27001 or SOC 2 certified?** No, and we will not blur that line. ISO 27001 belongs to Supabase, the database sub-processor. SOC 2 Type II belongs to Retell AI, the voice platform, and to Twilio for telephony. Discentra's own assurance is a signed and maintained governance suite: data protection impact assessment, record of processing activities, EU AI Act Article 50 assessment, transfer impact assessment, information security policy, breach-response runbook, and data retention schedule, plus ICO registration ZC108503. The full pack is available under NDA.

**What data does Discentra collect?** Six fields: a pseudonymised trader ID, trade timestamps, P&L, trade size, instrument symbol, and a phone number that is field-level encrypted. Discentra never collects account balances, net worth, government IDs, card numbers, or home addresses.

**How is the integration secured?** Your platform sends trade events over a REST API or WebSocket. Every request is authenticated at the gateway with JWT or API-key auth, encrypted in transit with TLS, and scoped to your tenant. Inside the platform, agents run on short-lived scoped credentials, and every action lands in an append-only audit log.

**What happens if there is a breach?** A documented breach-response runbook is operational today, with a 72-hour ICO notification path and client notification obligations written into the DPA. The architecture assumes breach: per-tenant isolation and least-agency scoping exist to limit how far a compromise can reach.

**Is Discentra GDPR compliant?** Discentra is ICO-registered (ZC108503) and processes trader data under a signed data protection impact assessment and record of processing activities. A DPA is signed before any data transmission. Trader consent is collected before any call, SMS, or recording. Erasure requests complete within 30 days, and default retention is 90 days, extending to 7 years where FCA or ASIC rules require it.

## Related links

- [How Discentra works](https://discentra.ai/how-it-works)
- [Privacy policy](https://discentra.ai/privacy)
- [Why traders quit](https://discentra.ai/why-traders-quit)
- [Get in touch](https://discentra.ai/get-in-touch)

---

This is a Markdown mirror of [https://discentra.ai/security](https://discentra.ai/security). Generated for LLM citation. © Discentra Ltd. Coaching, not financial advice.