Note for evaluators. This page is part of the open-source reference demo and is intended as a worked example of what an Aito-backed product's procurement pack looks like. Anything specific (a contract, a real DPA, a signed SOC 2 report) lives behind a sales contact at aito.ai.
Security posture
What an InfoSec questionnaire would ask, with the typical Aito answer
Hosting: Aito SaaS is hosted on AWS (eu-west-1) and Azure App Service (configurable per customer).
Encryption in transit: TLS 1.2+ on every hop (client to Cloudflare edge, edge to origin). HTTP/2 supported.
Encryption at rest: AES-256 on the storage layer; encryption keys managed by the cloud provider.
Multi-tenancy isolation: Logical isolation via the customer_id field on every queryable row, enforced in the application layer. Cross-tenant reads are prevented by requiring every _predict / _search query to carry a where clause for the active tenant. Because the boundary is an application-layer filter rather than separate storage or compute, the control is exactly as strong as the guarantee that no query path omits that filter; a reviewer should ask to see where it is enforced and how a query without it is rejected. Worked example: same vendor, four tenants, four GL codes.
Authentication: API key per environment. Optional IP allow-list. SSO/SAML on enterprise plans.
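The isolation model above comes down to one control: a query must not reach Aito without a customer_id filter for the session's tenant. The following Python is an added example, not code from the demo repository or from Aito's SDK, showing that control as a boundary guard plus the page's "same vendor, four tenants, four GL codes" case. It assumes Aito's documented JSON query shape (a body with from / where / predict), the customer_id column the page names, and constructed invoice rows; `local_predict` is a toy stand-in for the `_predict` endpoint so the example runs offline.

```python
"""Tenant-scoping guard for Aito-style JSON queries (added example).

Assumptions, not from the page or the demo repo: query bodies follow
Aito's documented shape, e.g. {"from": "invoices", "where": {...},
"predict": "gl_code"}; the tenant column is customer_id as the page
states; INVOICES below is constructed sample data.
"""
import copy
from collections import Counter

TENANT_FIELD = "customer_id"


class TenantScopeError(ValueError):
    """Raised when a query cannot be proven to be scoped to one tenant."""


def scope_query(tenant_id: str, query: dict) -> dict:
    """Return a copy of `query` whose where-clause pins TENANT_FIELD to tenant_id.

    Refuses queries that already name a different tenant, and queries whose
    top-level where-clause starts with an operator key such as "$or": a tenant
    filter ANDed beside an operator subtree is harder to audit than a plain
    column match, so the guard only accepts the plain form.
    """
    if not isinstance(query, dict) or not isinstance(query.get("from"), str):
        raise TenantScopeError("query must be an object with a 'from' table")
    scoped = copy.deepcopy(query)  # never mutate the caller's body
    where = scoped.get("where", {})
    if not isinstance(where, dict):
        raise TenantScopeError("'where' must be an object")
    for key in where:
        if key.startswith("$"):
            raise TenantScopeError(f"operator {key!r} not allowed at top level of 'where'")
    existing = where.get(TENANT_FIELD)
    if existing is not None and existing != tenant_id:
        raise TenantScopeError(f"query names tenant {existing!r}, session tenant is {tenant_id!r}")
    where[TENANT_FIELD] = tenant_id
    scoped["where"] = where
    return scoped


# Constructed rows: one vendor, four tenants, four GL codes.
INVOICES = [
    {"customer_id": "CUST-0000", "vendor": "ACME Office", "gl_code": "6100"},
    {"customer_id": "CUST-0000", "vendor": "ACME Office", "gl_code": "6100"},
    {"customer_id": "CUST-0001", "vendor": "ACME Office", "gl_code": "6200"},
    {"customer_id": "CUST-0002", "vendor": "ACME Office", "gl_code": "5010"},
    {"customer_id": "CUST-0002", "vendor": "ACME Office", "gl_code": "5010"},
    {"customer_id": "CUST-0002", "vendor": "ACME Office", "gl_code": "5010"},
    {"customer_id": "CUST-0003", "vendor": "ACME Office", "gl_code": "7300"},
]


def local_predict(rows, query):
    """Toy stand-in for _predict: majority value of `predict` among rows matching `where`."""
    where = query.get("where", {})
    matching = [r for r in rows if all(r.get(k) == v for k, v in where.items())]
    if not matching:
        return None
    return Counter(r[query["predict"]] for r in matching).most_common(1)[0][0]


def predict_gl_for_tenant(tenant_id, vendor):
    """What the application layer should always do: scope first, then query."""
    body = {"from": "invoices", "where": {"vendor": vendor}, "predict": "gl_code"}
    return local_predict(INVOICES, scope_query(tenant_id, body))


def predict_gl_unscoped(vendor):
    """The failure mode the guard prevents: the same query with the tenant filter left out."""
    body = {"from": "invoices", "where": {"vendor": vendor}, "predict": "gl_code"}
    return local_predict(INVOICES, body)


if __name__ == "__main__":
    for tenant in ("CUST-0000", "CUST-0001", "CUST-0002", "CUST-0003"):
        print(tenant, predict_gl_for_tenant(tenant, "ACME Office"))
    print("unscoped:", predict_gl_unscoped("ACME Office"))
```

With the filter in place each tenant gets its own GL code; without it, the majority code across all tenants (5010 in the constructed data) would be returned to CUST-0001, whose own history says 6200. That mismatch is the observable symptom an auditor can test for with a tenant whose data is deliberately in the minority.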
Logging & audit: Every prediction and override is recorded in the prediction_log table; queryable for SOX-style audit trails. Sample shown on the Quality views.
Personnel access: Aito staff access to customer data is logged, time-bound, and requires explicit customer consent for production data.
Incident response: 24h notification SLA on confirmed security incidents. Annual tabletop exercise with our SOC partner.
Compliance & certifications
GDPR: Aito is a data processor under Article 28. DPA template available on request; signed as-is for EU customers.
SOC 2 Type II: In progress; report available under NDA.
ISO 27001: Roadmap target Q2 2027.
Data residency: EU-only deployment available; no cross-border replication for EU customers without explicit opt-in.
Subprocessors: AWS, Azure (deployment), Cloudflare (TLS termination, WAF). Full list on the public subprocessor page.
DPA & contractual
DPA template: Standard EU DPA with SCC (2021/914) annexes; takes <2h legal review for most procurement teams.
Data deletion: On contract termination, customer data is deleted within 30 days. Deletion is verifiable via API call.
Data export: Every table is queryable via the same _search API the demo uses. No vendor lock-in.
Liability cap: Negotiable; default is 12 months of fees.
Breach notification: 24 hours from confirmation. Passes most enterprise procurement bars.
Per-tenant cost economics
Predictive Ledger demo's actual usage as a sizing baseline
Workload shape: Single shared Aito instance, 255 tenants, 1.024 M invoices, ~14 k help-page impressions, 540 k bank transactions. Same instance, no replication per tenant.
Aito cost: One Aito instance bill, billed per query volume + storage. The 255-tenant sizing this demo runs on lands in the $X / month tier on the public price list.
Cost per tenant: Total Aito bill ÷ tenants. For the demo's shape: $X ÷ 255 ≈ $X / tenant / month. The headline customer (CUST-0000, 128 k invoices) and a long-tail micro-tenant pay the same fixed share; the model is "one bill, scale with usage", not per-seat.
What scales: Storage (linear in row count), query QPS (linear in active sessions). Adding a tenant = inserting rows + carrying customer_id in the query; no schema work, no separate compute.
What doesn't scale: Engineering. Adding a tenant is config, not code. The demo's 255 tenants share one binary, one schema, one deploy pipeline.
SLA
What Aito commits to in a paid contract
Uptime: 99.9 % monthly availability on production tier (≈43 min downtime / month). Standard tier is 99.5 %.
Response time SLA: p95 query latency under 500 ms for `_predict`, `_search`, `_relate`. The live latency badge in the topbar shows actual numbers; every query the demo issues is timed.
Support: Business-hours email support on standard. 24×7 with named-engineer escalation on enterprise.
Status page: Real-time status at status.aito.ai (external).
Maintenance windows: Pre-announced 7 days in advance; off-business-hours by default; opt-out available on enterprise.
Migration & exit
Onboarding: Schema-first import. Bring one CSV per table; we'll map types and links. Typical first-prediction-in-production: 1–2 weeks.
Exit: Every table is exportable as JSON via the same _search API the demo uses. No proprietary file format. The demo's own data was generated this way.
In-house alternative: The demo is open-source and serves as a reference for what an Aito-backed product looks like. Source: github.com/AitoDotAI/aito-accounting-demo.
Next steps
Procurement-ready evaluations typically follow this path:
- Engineering validates the architecture from the demo (this site) and the open-source reference repo.
- Security questionnaire + DPA exchange with Aito sales (1–2 days end-to-end).
- 30-day production-shape PoC against your real schema; we provide the load-data tooling.
- Commercial proposal sized to your tenant count + query QPS.