JNN Global Ltd (trading as “VERYX”, part of Groupe Nseya Digital) · Updated 12 June 2026
Zero-trust, deny-by-default authorisation on every request: platform role, workspace role, granular permission and tenant attributes all stack. MFA is enforced for administrator accounts. Suspension, deactivation and password changes revoke sessions immediately — not at next login.
Every record, AI memory and audit entry is scoped to one workspace. Platform operators sign in on a separate surface and do not access tenant business data except under audit-privileged controls. Sovereign-tier tenants receive additional isolation controls.
Every state change writes a hash-chained audit entry and an append-only domain event. Chains are verified continuously; any tampering is detectable. Nothing is silently rewritten or deleted.
TLS for all traffic; encrypted managed database storage; secrets held as environment configuration and never displayed; point-in-time backups managed by our hosting providers.
Suspected incidents are triaged immediately, affected customers are notified without undue delay, and regulators are informed where required (within 72 hours under UK GDPR where applicable). Responsible disclosure: report vulnerabilities to support@veryx.io — do not test against production tenants without authorisation.