Public posture. Gated detail. One place to find both.
Privacy, security, AI behaviour, and sub-processor disclosure for the PrimeTDAP platform — published in full. Deeper documentation for procurement, legal, and security review is shared on request under NDA.
Read these without asking.
The documents below are kept current and apply to every engagement on the platform.
-
Privacy Policy
Effective 2026-05-24How Primus collects, uses, shares, and protects personal data through the platform.
Read → -
Terms of Service
Effective 2026-05-24The terms that govern access to and use of the PrimeTDAP platform.
Read → -
Acceptable Use Policy
Effective 2026-05-24What authorised users may and may not do on the platform.
Read → -
AI Disclosure / Model Card
Effective 2026-05-24Which AI systems are in use, what data they process, how their behaviour is constrained, and how to opt out.
Read → -
Sub-Processor List
Effective 2026-05-24The third parties that process customer data on Primus's behalf via the platform.
Read → -
DPA Summary
Effective 2026-05-24Summary of our standard Data Processing Agreement. Full text on request.
Read →
Documents we share under NDA.
These cover the operational, architectural, and contract-template detail that's appropriate to share with named procurement / legal / security teams but not to publish openly.
- Request
Data Processing Agreement (full text)
The complete 18-section template that is countersigned as an addendum to the MSA. Suitable for legal review prior to a contracted engagement.
Emailed under NDA
- Request
Security & Compliance documentation pack
Information Security Policy, Access Control Policy, Encryption Standards, Incident Response Plan, BCP/DR Plan, Data Retention Policy, AI Use Policy, and supporting policies (21 documents in total).
Emailed under NDA
- Request
Security Architecture Document
Full architectural detail of the platform — control planes, isolation boundaries, dependency diagram, threat model. Goes deeper than what's on the public Security & Compliance page.
Emailed under NDA
- Request
Sub-Processor change notifications
Subscribe to receive 45-day prior-notice emails when our sub-processor list changes.
One-time confirmation email; ongoing notifications as changes occur
Already a customer? Active customers receive the doc pack automatically at engagement start and on every material update.
What we align to.
Controls aligned to SOC 2, ISO 27001, ISO 42001, OWASP Top 10, NIST AI RMF, and NIST SP 800-61. EU AI Act classified per surface. Posture is stated as aligned when controls are in place but no third-party audit has been completed, and as certified only after audit. A formal certification readiness assessment for SOC 2 and ISO 27001 is underway.
Where to send what.
Security incidents
Suspected unauthorized access, data exposure, anomalous AI behaviour, or any concern with platform security posture.
security@primussoft.comPrivacy & legal
Data Subject Access Requests, privacy questions, contract questions, sub-processor objections, AI compliance concerns.
legal@primussoft.comProcurement-ready documentation, on request.
If you're evaluating PrimeTDAP for an upcoming engagement — assessment, audit-readiness, or due-diligence — the fastest path to the full posture is to request the doc pack, shared by email under NDA.