Skip to content
HANKAI
DevelopersWhat's new

Compliance

Compliance

Where to find how this documentation site supports compliance review. This page makes no certification or contractual claim — it indexes the surfaces where the platform’s behavior is documented and verifiable in source, and points to the operator tools that evidence it. Like the trust page, it describes this documentation site (docs.hank.ai), not the HANK product.

Data & privacy practices

How the site handles analytics, personal identifiers, free-text scrubbing, public/internal content separation, and AI assistance is documented in full — each statement verifiable against the source — on the Trust & data practices page.

Report a security issue

Report a vulnerability through the disclosure channel on the trust page. The same channel is published in machine-readable form at /.well-known/security.txt (RFC 9116).

Tamper-evident audit trail

Every content mutation is recorded in an append-only audit log linked into a SHA-256 hash chain, so an edited or deleted entry breaks the chain and is detectable. Operators verify the chain’s integrity at the audit-chain verification page (operator sign-in required) and browse or export the trail from the audit log (operator sign-in required).

Content review & governance

Sensitive or automated content is held for human review before it can go public, and approvals enforce separation of duties — the public summary of this is under content changes are audited and reviewed. Operators work the review queue and see governance aggregates (review-queue health, rejection reasons, access-control events) on the compliance dashboard (operator sign-in required).