Last updated: June 24, 2026

Compliance

This page is maintained by PikSign to summarise the controls and practices customers most often ask about. It describes what the product enables today and is not an independent certification. Customer-specific commitments are captured in the executed Master Services Agreement and Data Processing Addendum.

Deployment & data residency

PikSign Detect is delivered on-premise, in the customer's VPC, or fully air-gapped. Documents and images processed for detection remain inside the customer's environment; PikSign does not receive or store customer content as part of normal operation.

Access control

Administrative access to deployment artefacts is restricted to named PikSign engineers, gated by SSO and multi-factor authentication. Customers control end-user access to detection results inside their own environment.

Responsible AI

Detection outputs are decision-support signals, designed for review by trained personnel alongside existing fraud and KYC controls. Models are evaluated against curated forensic datasets and updated through a change-controlled release process.

Regulatory alignment

PikSign supports customers operating under RBI, SEBI, IRDAI and equivalent regulatory regimes by keeping sensitive content within the customer's controlled environment and by providing auditable detection workflows. Specific regulatory mappings are shared under NDA.

Security contact

To report a suspected vulnerability or security concern, email security@piksign.com. For all other enquiries, use hello@piksign.com.