Security & Sovereignty Statement.

Architecture

MENA Petro runs on a sovereign-grade runtime with deterministic replay, crisis continuity, and degraded-mode governance.

Access control

• Row-level security on every operator data table.
• Tier-based capability gating: Evaluation, Professional, Strategic, Sovereign.
• Trusted device tracking and session revocation on demand.

Billing integrity

Payment receipts are stored in a private bucket. Only the submitting operator and authorized admin reviewers can access them. Activation requires an authenticated admin verification chain.

Data sovereignty

Data is processed within the operational perimeter required by the customer's deployment tier. Sovereign deployments support dedicated regional isolation.

Disclosure

Suspected vulnerabilities should be reported to the strategic operations team for coordinated handling.