Trust & Security

Built for fifty years.

Donor intent is a fifty-year commitment. Here is how we think about the infrastructure that has to last that long.

01

How your Spec is stored

Your Spec is encrypted at rest and in transit. The canonical human-readable form is stored as a signed PDF, hash-anchored at the moment of signature. The structured machine-readable form is stored as JSON conforming to the open Intent Spec schema. Both forms are exportable at any time, in their entirety, by the donor or their authorized agents.

We host on U.S.-based infrastructure for individual deployments. Institutional partners may select their hosting jurisdiction.

02

Who can access your Spec

Access is governed by the donor.

GiveIQ's platform reads the metadata necessary to operate the product — versioning, audit cadence, agent permissions, drift indicators. The substantive content of your Spec — your purposes, your beneficiaries, your decision rules, your conflicts of interest — is yours. Our staff cannot read your Spec content without your explicit authorization. Audit logs of all access are available to you.

03

Verifiability

Every Spec carries a SHA-256 hash of its canonical form, signed at the moment of finalization. The version history is immutable; every amendment carries an authorship signature, timestamp, and justification.

This means a Spec finalized in 2026 can be verified as authentic by any party — a successor advisor, a court-appointed trustee, a family member — at any future date, without needing to trust any single intermediary including GiveIQ. Verification tooling for Specs will be published alongside the open schema.

04

Portability and continuity

The Intent Spec schema is published openly under MIT license. Any vendor, advisor, or institution may build software that reads, writes, or operates against a Spec. Your artifact is not locked to GiveIQ.

If GiveIQ is acquired, you will be notified and your Spec will continue to operate under the same terms or you will be given the option to export and migrate. If GiveIQ is wound down, we will notify you with at least one hundred eighty days' notice and provide migration support and exports of every Spec under our maintenance.

The schema being open is the structural guarantee that this product outlasts its current vendor. We built it that way deliberately.

05

What we will not do

We will not sell, share, or syndicate Spec content with third parties — including for advertising, model training, or research — without explicit donor authorization on a per-use basis.

We will not enclose the Intent Spec schema. The schema is permanently open-source.

We will not modify your Spec without your authorization. The platform may flag drift, suggest amendments, or recommend reviews; only the donor or their authorized successor may amend the artifact.

06

Compliance roadmap

We are an early-stage product. We are committed to standard institutional security practice and are pursuing the following roadmap:
  • SOC 2 Type II audit: target completion Q2 2027
  • Penetration testing: ongoing, with annual third-party engagement
  • Data Processing Addendum and Business Associate Agreement: available for institutional partners on request

For institutional buyers, full security documentation is available under NDA.

For specific questions on data handling, security architecture, or compliance posture: trust@giveiq.com

Request institutional materials