Faultline

DPA Readiness

Data processing review for metadata-first deployments.

Faultline is designed to support enterprise procurement reviews around scanner snapshot metadata, audit evidence, subprocessors, retention, and customer-controlled deployment paths.

Downloadable overview

A public DPA readiness overview is available as a portable markdown artifact.

Download DPA Overview

Processing scope

The default data boundary is source-free.

Data categories

  • Repository metadata and service identifiers
  • Ownership and CODEOWNERS-derived signals
  • Policy findings and suppression metadata
  • Audit export metadata and accountability events
  • Integration delivery status for configured tools

Excluded by default

  • Source code by default
  • Production runtime traces
  • Customer application secrets
  • Developer workstation contents
  • Private incident notes unless explicitly supplied

Deployment controls

  • Customer-managed cloud deployment supported
  • PostgreSQL-backed tenant isolation with RLS
  • Redis-backed rate limiting
  • S3-compatible audit evidence exports
  • OIDC identity provider integration

Procurement

DPA review path.

Enterprise teams moving from pilot to paid deployment can request a DPA review packet, subprocessor list, and security questionnaire response from security@gofaultline.dev.