Security & data handling
Last updated: 2026-06-09
Demo environment certified (2026-06-09). Production deployment follows design partner validation. Taridex does not replace CROSS as the official ruling registry. We do not hold SOC 2, FedRAMP, or third-party penetration-test certifications today; details below are factual summaries for vendor review.
Corpus provenance
Taridex maintains a versioned authority corpus used for temporal ruling research: HTS editions, CFR provisions, ruling indexes, and lineage edges between authorities.
- Scale: 1,006,874 governed objects under the corpus/ prefix in release v1 (staging and production parity verified 2026-06-08).
- Integrity: Release bundle SHA-256 ea7c19e9c0e6730b9aee69050fef5d0841cc06ac4b7a7aa29db43b4e65cd4ce4; corpus component SHA-256 6a25109c6cefe37047cad4d4ef7fe411fbad0146d1dddcb8c6caa3a89562826f. Remote manifest verification PASS on staging and production buckets.
- Sources ingested: Public federal trade-law materials, including CBP ruling corpora, GovInfo/eCFR CFR snapshots, and USITC HTS editions, assembled into a temporal graph with refresh governance. Raw sources are largely public; defensibility is in governed integration and ruling-date binding, not exclusive raw-text rights.
- Indexes: Retrieval indexes (e.g., FAISS gold HQ, CFR) ship with the release manifest; BM25 placeholder is documented as empty in the current bundle.
Licensing posture
Taridex is built from public-source ingestion of government trade-law materials. We do not claim exclusive redistribution rights to underlying federal publications.
- Customer use: Licensed access to the Taridex research platform and hash-verified exports you generate in your workspace — not a bulk redistribution license to the underlying corpus files.
- Diligence: A consolidated per-source licensing matrix (refresh cadence, termination risk, redistribution terms) is maintained for design-partner and acquisition diligence; it is not yet published as a standalone legal schedule on this site.
- Open source: The stack includes standard OSS components (e.g., Python runtime, FAISS, embedding models). A formal SBOM and commercialization review binder is available on request for procurement.
- Third-party editorial layers: Taridex does not ingest Thomson Reuters, Lexis, or similar commercial headnote/citator layers; outputs are traceable to public authorities in the citation trace.
Security controls
Edge and API security follow a Cloudflare-native zero-trust design (staging validated; production cutover follows design-partner gate).
- Identity: Cloudflare Access on API and workspace hosts — SSO groups (admin, attorney, broker, analyst, demo) and service tokens for automation.
- Authorization: Role-based API controls enforced in Workers middleware (e.g., demo role: read-only scenarios; no export). Permission matrix documented in internal security architecture.
- Transport: TLS 1.2+ for all client and service paths; retrieval plane reachable only via Cloudflare Tunnel (no public retrieval DNS).
- Data at rest: Corpus and exports in R2; metadata in D1; session state in KV — encrypted at rest per Cloudflare defaults.
- Marketing site: Static Pages deployment; form posts to Access-protected marketing API with rate limiting; Bot Fight Mode on the zone.
- Audit: Append-only audit events in D1 with a hash-chain design; large payloads in dedicated audit storage. The server-side audit bridge is not marketed as immutable, legal-grade attestation; the customer-verifiable artifact is the SHA-256 of each export payload, which you can recompute (replay) over the bytes you received and compare with the package record.
- Certifications: No SOC 2 Type I/II, ISO 27001, or FedRAMP authorization at this time. SOC 2 Type I roadmap and SIG Lite mapping available on request via Contact sales.
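The two checks described above that a reviewer can actually run (recomputing the SHA-256 of release components and of an export payload against the recorded values, and walking a hash-chained append-only audit log), as an added example that is not Taridex code. The manifest layout, the audit record fields (seq, prev_hash, event, hash), the all-zero genesis hash and the chaining rule H(prev_hash || canonical_json(event)) are assumptions made for this illustration; the sample bytes are constructed.

```python
"""Added example (not Taridex's own code): replay SHA-256 checks against a
release manifest and an export payload, and verify a hash-chained audit log.
Manifest layout, audit record fields and chaining rule are assumptions."""
import hashlib
import hmac
import json

GENESIS = "0" * 64  # assumed: the first record chains to an all-zero hash


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def verify_manifest(manifest: dict, components: dict) -> list:
    """Return names of components whose bytes do not match the manifest.

    manifest:   {"components": {name: {"sha256": hex}}}   (assumed layout)
    components: {name: bytes} as downloaded by the verifier
    A missing component is reported as a mismatch, not silently skipped."""
    bad = []
    for name, meta in manifest["components"].items():
        data = components.get(name)
        if data is None or not hmac.compare_digest(sha256_hex(data), meta["sha256"].lower()):
            bad.append(name)
    return bad


def verify_export(payload: bytes, recorded_sha256: str) -> bool:
    # Customer-side replay: hash the bytes you actually received and compare
    # with the hash in the package record (constant-time comparison).
    return hmac.compare_digest(sha256_hex(payload), recorded_sha256.lower())


def canonical(event: dict) -> bytes:
    # Writer and verifier must share one deterministic encoding or every link
    # fails: sorted keys, no whitespace, UTF-8.
    return json.dumps(event, sort_keys=True, separators=(",", ":")).encode("utf-8")


def link_hash(prev_hash: str, event: dict) -> str:
    # Assumed chaining rule: SHA-256(prev_hash || canonical(event)).
    return sha256_hex(prev_hash.encode("ascii") + canonical(event))


def append_event(chain: list, event: dict) -> dict:
    prev = chain[-1]["hash"] if chain else GENESIS
    record = {"seq": len(chain), "prev_hash": prev, "event": event,
              "hash": link_hash(prev, event)}
    chain.append(record)
    return record


def verify_chain(chain: list):
    """Recompute every link from genesis. Returns (True, None) if intact,
    else (False, seq) for the first record that breaks the chain. Edited,
    reordered, inserted and deleted records all surface as a break."""
    prev = GENESIS
    for i, rec in enumerate(chain):
        if rec["seq"] != i or rec["prev_hash"] != prev:
            return False, i
        if not hmac.compare_digest(link_hash(prev, rec["event"]), rec["hash"]):
            return False, i
        prev = rec["hash"]
    return True, None


def demo():
    # Constructed sample data; none of it comes from a real Taridex release.
    corpus = b"constructed corpus component\n"
    index = b"constructed faiss index bytes\n"
    manifest = {"components": {"corpus": {"sha256": sha256_hex(corpus)},
                               "faiss_gold_hq": {"sha256": sha256_hex(index)}}}
    manifest_ok = verify_manifest(manifest, {"corpus": corpus, "faiss_gold_hq": index})
    manifest_bad = verify_manifest(manifest, {"corpus": corpus, "faiss_gold_hq": index + b"x"})

    export = b'{"package":"constructed export"}\n'
    chain = []
    append_event(chain, {"type": "login", "user": "analyst@example.com", "country": "US"})
    append_event(chain, {"type": "export.create", "package_id": "pkg-0001",
                         "sha256": sha256_hex(export)})
    append_event(chain, {"type": "export.download", "package_id": "pkg-0001"})
    intact = verify_chain(chain)

    tampered = json.loads(json.dumps(chain))    # deep copy of the log
    tampered[1]["event"]["sha256"] = "f" * 64   # rewrite a recorded hash
    edited = verify_chain(tampered)

    truncated = verify_chain(chain[:1] + chain[2:])  # drop the export.create record
    export_ok = verify_export(export, chain[1]["event"]["sha256"])
    return manifest_ok, manifest_bad, intact, edited, truncated, export_ok


if __name__ == "__main__":
    print(demo())
```

The chain only proves that the log you were handed is internally consistent back to genesis; it does not by itself prove the server did not rewrite the whole log, which is why the page points customers to the export hash they can recompute themselves rather than to the server-side chain.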
Architecture overview
- Marketing: Astro static site on Cloudflare Pages (taridex-web); no workspace data on marketing origin.
- API edge: Cloudflare Workers (taridex-api) — research search, LegalSnapshot, citation trace, export packaging, marketing leads/events.
- Corpus plane: R2 buckets for versioned corpus and indexes; release activation governed via the D1 table corpus_releases.
- Retrieval plane: Fly.io (or equivalent) retrieval service connected via Tunnel + mTLS; hybrid retrieval over governed indexes.
- Workspace: Access-gated app host; exports written to org-scoped R2 keys with D1 package records.
Data handling
- Form submissions: Demo, pilot, contact, and updates forms store submitted fields (work email, name, role, firm, use case) in marketing D1 for qualification and response. See Privacy notice.
- Analytics: Pseudonymous visitor_id and session_id on marketing pages; events batched to the marketing API (mv.* schema).
- Workspace PII: User email and display name in D1; audit events store country from Cloudflare request metadata, not raw IP.
- Your research: Queries and exports are processed to deliver your workspace results. We do not use your exports to train third-party foundation models. Model-assisted features, where present, operate on governed retrieval outputs and are not presented as a replacement for professional judgment.
- Retention: Design-partner agreements define export and audit retention; default marketing lead retention aligns with active sales evaluation (request specifics via contact).
Research methodology · Request a guided demo · Contact sales (security review, DPA discussion)