Built for compliance from the ground up
Arc isn't a logging wrapper. It's a compliance-grade archiving system with encryption, tamper evidence, legal hold, and audit trails baked into every layer.
Architecture
Arc Link
Enterprise connectors
Arc Gate
API gateway
Arc Relay
MCP control plane
Arc Bridge
Self-hosted adapters
Comma Compliance Arc Archive
Encrypted, tamper-evident, immutable records
Data flow
Capture
AI interaction intercepted by connector, gateway, or control plane
Encrypt
NaCl Box encryption with tenant-isolated keys before data leaves origin
Transit
TLS 1.3 encrypted transport to archive infrastructure
Archive
Immutable, tamper-evident record stored with full conversation context
Comply
Search, hold, export, and audit on demand for regulators
Security
TLS 1.3 in transit
All data encrypted in transit with modern TLS. No exceptions.
NaCl Box encryption
Records encrypted at the source using NaCl Box (Curve25519 + XSalsa20 + Poly1305) before leaving your environment.
Tenant key isolation
Every tenant gets isolated encryption keys. Your data is cryptographically separated from every other customer.
Tamper-evident records
Hash chains ensure archived records cannot be modified after ingestion. Any tampering is detectable.
Compliance controls
Full-text search
Search across all archived AI interactions by user, date, content, model, or metadata.
Legal hold
Place holds on specific users, date ranges, or content patterns. Held records cannot be modified or deleted.
Policy matching
Define policies that flag interactions containing sensitive content, PII, or restricted topics.
Export
Export records in standard formats for regulatory review, e-discovery, or internal audit.
Audit trail
Every access, search, hold, and export is logged with user, timestamp, and action.
Retention management
Configure retention periods by policy. Automatic purge after retention expires.
See the architecture in action
Walk through the full data flow with our team - from capture to compliance.