BookbagBookbag
Book Demo
Security & Compliance

Enterprise-Grade Security & Audit Trails

Bookbag supports compliance review workflows with audit-ready evidence trails, role-based access control, and full provenance tracking.

Security & Data Handling

Data Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Messages are stored securely with access controls.

SOC 2 Type II

Bookbag maintains SOC 2 Type II compliance. Reports available upon request for enterprise customers.

Role-Based Access

Granular permissions for Worker, QA, SME, and Admin roles. Control who can view, edit, and approve messages.

Data Retention

Configurable retention periods per project. Export audit logs and training data before deletion.

Audit Logging

Every action is logged: who accessed what, when, and why. Full audit trail for compliance reviews.

Export Controls

You own your data. Export audit trails, training data, and decisions at any time. No lock-in.

Audit Trails & Provenance Tracking

Every decision in Bookbag includes full provenance: who approved, when, which rubric version was used, and rationale (for blocked items).

  • Final Approver Identity
    Know exactly who made the final call (email, role, timestamp)
  • Taxonomy Version Stamping
    Every decision is stamped with the rubric version in effect
  • Rationale Required for Blocks
    SMEs must provide written rationale and evidence for blocked items
  • Export-Ready Format
    Audit logs exported as JSON or CSV for compliance review
Sample Audit Record
message_idmsg_x9k2p
verdictblocked
approverj.smith@acme.com
roleSME
policy_vfinserv_v2.1
timestamp2024-01-15T14:22:10Z
rationale:
"Contains unsubstantiated performance claims. Violates FINRA Rule 2210."

Compliance Support

Important: Bookbag supports compliance review workflows—we do not provide legal compliance services or replace compliance teams.

We provide the tooling, evidence trails, and audit-ready recordkeeping that compliance teams need to supervise AI-generated outbound at scale.

  • Bookbag does not interpret regulations or provide legal advice
  • Your team defines rubrics, policies, and approval criteria
  • Designated SMEs make final calls with rationale and evidence
  • We provide the infrastructure for audit-ready workflows

Enterprise Deployment Options

For highly regulated environments, we offer custom deployment configurations.

Cloud (Default)

Fully managed, SOC 2 compliant infrastructure. Deploy in days.

Available now

On-Premise / Private Cloud

Deploy Bookbag in your own VPC or on-premise environment.

Contact sales

Ready to build audit-ready AI outbound?

Join the teams shipping safer AI with real-time evaluation, audit trails, and continuous improvement.

Request demoTalk to security team