Security, Privacy & Responsible AI

CE Canvas is designed for organisations that must protect sensitive information and maintain public trust. Our platform combines secure infrastructure, strong data governance, and transparent AI systems so your team can use modern technology with confidence.

Built on a Foundation of Trust

Secure by Design

CE Canvas is designed with security as a foundation. Data is encrypted in transit and at rest, access is controlled through role-based permissions, and all activity is recorded through secure audit logs. We are building toward SOC 2 Type II certification.

Practitioner-Focused

Your Data Always Remains Yours

Your organisation retains full ownership and control of all information stored in CE Canvas. Client data is never used for AI model training or shared with third parties. Data can be hosted in region-appropriate infrastructure to support national privacy and procurement requirements.

Full Lifecycle

AI You Can Trust

CE Canvas uses governed AI designed specifically for community engagement practice. AI outputs are grounded in verified sources, include traceable references, and operate within guardrails designed to prevent hallucinations. Practitioners remain in control of every decision and output.

Responsible AI

Platform Security Overview

Data Governance

Designed to support appropriate data handling, regional hosting considerations, and responsible management of project information.

Practitioner-Focused

Access & Oversight

Built to support controlled access, clear responsibilities, and stronger visibility across engagement work.

Full Lifecycle

Governed AI

AI assistance is designed to remain grounded in context, guided by guardrails, and subject to practitioner review.

Responsible AI

Trusted Operations

We are building CE Canvas with a strong focus on privacy, reliability, and continuous improvement as the platform evolves.

AI-Powered

Global Platform. Local Compliance.

CE Canvas does not use customer data to train external AI models.

CE Canvas supports organisations operating across multiple jurisdictions. Our platform is designed to accommodate regional data hosting and align with national privacy and governance expectations commonly required by public-sector organisations.

Australia flag

Australia

  • Privacy Act 1988
  • Australian Privacy Principles (APPs)
  • Alignment with ISM and Essential Eight guidance
  • Region-appropriate data hosting
New Zealand flag

New Zealand

  • Privacy Act 2020
  • Information Privacy Principles (IPPs)
  • Alignment with NZISM guidance
  • Region-appropriate data hosting
Canada flag

Canada

  • PIPEDA privacy framework
  • Provincial legislation (FIPPA / FOIP / FOIPPA)
  • Government of Canada Cloud Guardrails
  • Region-appropriate data hosting
United States flag

United States

  • NIST-aligned cybersecurity practices
  • State and local government standards
  • Security practices informed by SOC 2 and NIST frameworks
  • Region-appropriate data hosting

Regulatory requirements vary by jurisdiction. CE Canvas is designed to support organisations in meeting their local privacy, security, and governance obligations.

Common Security Questions

Answers to the questions most commonly asked by procurement and compliance teams.

CE Canvas stores and processes information in secure, region-appropriate data centres that comply with local privacy and data-residency requirements. Organisations can select hosting within their jurisdiction to align with government procurement and compliance standards.

Built for Public Trust

CE Canvas was designed for organisations that must operate transparently, securely, and responsibly when working with communities. Every engagement plan, dataset, and AI-assisted insight remains fully auditable, traceable, and under your organisation's control.

Contact Us