Enterprise Buyer FAQ (Trust, Security & Delivery)

1. Why should enterprises choose CueCrux over generic AI solutions?

Enterprises choose CueCrux because it provides verifiable, risk-aware, audit-ready answers: a critical requirement in regulated environments. CueCrux ensures every output is backed by evidence with timestamps, licences, and content hashes. It includes built-in governance, provenance, and audit mechanisms that traditional LLM systems simply do not offer. For organisations facing compliance constraints, regulatory scrutiny, or reputational risk, CueCrux represents an operational shift from “AI assistance” to AI assurance.


2. How does CueCrux enforce data isolation and governance?

CueCrux separates all sensitive operations via strict service boundaries. Engine tokens never leave server environments; WebCrux handles user authentication; WatchCrux runs independently to provide unbiased health and drift audits; and OpsCrux centralises governance, permissioning, and SLO visibility. For full isolation, the Private Stack provides tenant-specific namespaces, databases, storage paths, and receipt-signing keys. This ensures no cross-tenant leakage and guarantees compliance with internal control requirements.


3. How does CueCrux integrate with enterprise SSO and identity?

CueCrux supports SSO via SAML, OIDC, and enterprise IdPs. Sessions are managed with rotating, httpOnly refresh cookies and short-lived JWTs. The system logs device and session metadata, supports revocation, and enforces IP, ASN, and behaviour-based risk scoring. All authentication flows respect GDPR and maintain strict access boundaries.


4. What is the platform’s data retention and compliance policy?

CueCrux applies strict data minimisation. Personal data is never attached to artefacts or provenance. Users may delete history, accounts, and stored preferences at any time; this action cascades across sessions and metadata. Artefacts and receipts remain only as non-personal cryptographic objects with no user identity embedded. Retention policies cover:

  • evidence artefacts
  • provenance records
  • DSAR removal flows

CueCrux also supports auditors and regulators through federated proof verification, which enables validation without exposing underlying documents.

5. How does CueCrux handle regulatory change (AI Act, GDPR, FCA, HIPAA, etc.)?

CueCrux is designed for regulation-first contexts. Audit mode, provenance verification, retraction monitoring, licensing validation, contradiction tracking, and counterfactual search all provide compliance-grade outputs. Because every answer ships with a CROWN receipt, CueCrux can prove why an answer was generated, under what conditions, and with what evidence. This helps enterprises comply with the EU AI Act’s obligations for transparency, auditability, and reproducibility, and aligns with GDPR’s data minimisation and accountability requirements.


6. How does Private Stack support enterprise customisation?

Private Stack allows enterprises to run tenant-exclusive:

  • ingestion workflows
  • temporal pipelines
  • custom agents
  • relevance heuristics
  • LLM routing and cost envelopes
  • schema extensions

Each tenant plane has isolated namespaces, storage, and secrets. Enterprises can add private agents, override ranking logic, or integrate with internal databases, all while preserving receipts and provenance integrity. CueCrux Federation verifies receipts across tenant planes without revealing underlying documents.

