§ SECURITY · UK
UK-hosted. Embedding-only. No facial-recognition store.
The sovereignty signature of TicketWave Witness. Every hop, every residency claim, every regulator's first question — answered on one page. If the topology below doesn't match what your DPO needs to sign off, we'd rather know before the pilot, not after.
§ TOPOLOGY
The full request graph.
§ ICO POSTURE
ReID via embeddings is not the same as facial recognition.
The Information Commissioner's Office has been explicit on automated facial recognition in private settings: the Facewatch decision (December 2024), the South Wales Police Bridges case, the Serco custody-suite contract. All three turn on whether a facial template is extracted, stored or matched. We do none of those.
What we compute is a 512-dimensional float vector that summarises body shape, gait and clothing colour. A human cannot reconstruct a face from it. A second AI model can't reconstruct a face from it without training data we don't collect. It is not a biometric template under the UK GDPR Schedule 1 special-category meaning.
We hold written legal opinion from a UK data-protection specialist to that effect. The opinion is shared with customers under NDA during the pilot enquiry.
§ DSPT v8
The 30 June 2026 audit. Pre-mapped.
The Data Security and Protection Toolkit v8 is the NHS-aligned control framework that becomes mandatory for relevant care and adult-care-adjacent settings on 30 June 2026. Build-to-rent operators with assisted-living elements; boutique hotels with care or wellness adjuncts; venues hosting CQC-regulated events — all increasingly within scope.
§ 01 · DATA SECURITY
Embedding store hardening
AES-256-GCM at rest. TLS 1.3 in transit. UK region only. No backup snapshots leave the jurisdiction.
§ 02 · ACCESS CONTROL
Per-role, per-camera, per-window
Operators see only the cameras they're assigned. Reviewers see only the events flagged in their window. Admins see audit logs; nobody sees raw embeddings.
§ 03 · INCIDENT
72-hour breach posture
Customer notified within 24 hours of any embedding-store breach. ICO notification window of 72 hours is met by default; we draft the notification, the customer files it.
§ 04 · STAFF
Quarterly training, annual attestation
Every staff member with embedding-store access completes the DSPT v8 awareness module quarterly and signs an annual attestation. Records held in the customer's audit pack.
What the DPO asks first.
- 01
Is this facial recognition?
No. We compute a 512-dimensional embedding from body shape, gait and clothing colour. We don't extract or store a facial template under the UK GDPR Schedule 1 special-category meaning. The ICO has been explicit that automated facial recognition needs an Article 9 lawful basis. ReID via embeddings is a different category of processing.
- 02
Where is the data?
Edge inference runs at the LHR (London) region. Embedding vectors are stored in the UK region with a 14-day expiry. Raw frames are held in a 30-second rolling buffer on the edge node and never persisted. No US transit at any hop.
- 03
Are you DSPT v8 ready?
Yes. The Data Security and Protection Toolkit v8 audit becomes mandatory on 30 June 2026 for relevant care and adult-care-adjacent settings. Our control mappings are built for the v8 controls and shared with the customer's auditor before the assessment window opens.
- 04
Who is the data controller?
The customer is the data controller. We are the processor. ICO ZA-registration is in progress; we'll publish the ZA number on this page on issuance.