Trust Center

AI velocity. Audit-grade control.

Every claim on this page is backed by a published contract or an architecture record you can read. We don't ask you to trust us. We ask you to verify.

Receipt — diff before publish

Every AI proposal becomes a Receipt: an immutable, signed, line-by-line record of what would change. Nothing ships until a human accepts the diff.

Operator Console — staff actions are audited

Every PhiWebs staff member who touches a tenant World does so through the Operator console. Impersonation, support overrides, and exports are logged with reason and timestamp.

KVKK + GDPR — data-subject flows

Article 15 export, Article 17 deletion, 30-day SLA, JSON-or-email delivery. Wired into the platform, not bolted on.

Atom Knowledge Schema — bounded AI context

Each block declares the knowledge AI gets to see. AI cannot read tenant data outside the manifest's `knowledge` field. No prompt-injection back-doors via component metadata.

World isolation — no cross-tenant bleed

Each customer gets its own World: independent identity, plan, members, data, rules, and storage. Independent provisioning, independent rate limits, independent audit. No shared backplane.

Contract layer

A stable platform contract — the floor doesn't move

PhiWebs is built on a frozen contract layer. Breaking changes require an architecture record, a version bump, and a migration path. Every decision is documented and reviewable.

Billing invariants

PCI compliance is handled by accredited payment processors — we never see card numbers. Invoices are immutable once issued. Refunds always emit a credit memo; we never edit issued invoices.

Want a copy of our latest audit?

SOC 2 Type I is in progress; Type II is planned for Q4. Until then, we'll share controls, architecture records, and pen-test summaries on request.

Contact security@phiwebs.com