Veto/docs

Plaw is not a BYOC sub-processor

Procurement language for Veto BYOC deployments.

Plaw is a software supplier for BYOC

For Veto BYOC, Plaw supplies software artifacts, signatures, SBOMs, attestations, documentation, and license services. The customer runs the control plane in its own environment and decides whether any telemetry or support bundle is sent.

Plaw is not a sub-processor for BYOC customer policy content, decisions, tool-call arguments, agent IDs, end-user IDs, Slack content, compiled NL prompts, env vars, or secrets because those data classes are not sent to Plaw by the product.

The default license heartbeat contains exactly six fields: instance_uuid, license_id, decision_count_30d, sdk_version, operator_version, and timestamp. It is counters and version metadata only.

There is no Plaw cross-account IAM, no AWS assume-role, no GCP service account impersonation, and no Azure tenant impersonation from plaw.io.

BYOC data-flow attestation

Cross-boundary data flow for Veto BYOC.

DPO FAQ

Common data protection questions for Veto BYOC.

On this page

Plaw is a software supplier for BYOC
Edit this pageFeedback