Trust Centre
Documentation for security and procurement review
Evidentful is built for UK policing evaluation. This page summarises what is available for IT security teams, DPOs, and procurement stakeholders — and where to request detailed documentation.
Security & governance pack
For IT security teams, DPOs, and procurement leads evaluating Evidentful, we provide documentation covering security architecture, data flows, AI governance, subprocessors, retention, and compliance controls. Request the pack via our contact page.
ISO 27001 certification
Evidentful is ISO 27001 certified, audited by an accredited UKAS body. Certificate scope, control summaries, and audit status are available through our public Trust Centre.
Subprocessors & data flows
We maintain a current subprocessor list and can provide data flow diagrams for force evaluation. Witness and operational data is designed to be stored and processed within Azure UK South / UK West.
AI governance
Documentation covers model selection, LiteLLM routing, provider agreements prohibiting training on Evidentful data, and alignment with the NCSP AI/LLM Cyber Standard.
Operational documentation
PEACE methodology notes, MG11 output samples, witness consent wording, and incident response summaries are available for evaluation and procurement review on request.