Isolated provisioning & hardening
Single-tenant environment provisioned on enterprise-grade cloud infrastructure. Initial hardening pass. BAA execution. Pen-test firm engaged. Site survey of the client's tracking deployments.
A single sanitization boundary between your site and every third-party tracking destination. Tracking events enter raw, leave with no matchable identifier of any kind. Every Enterprise and MSO Platform deployment ends with an independent Letter of Attestation before live traffic activates.
Every tracking event takes one of three paths: stripped at the perimeter, forwarded to private analytics in full, or forwarded as a non-identifying conversion signal.
| Event | What enters Apex Vault | What leaves Apex Vault | Destination |
|---|---|---|---|
| Page view | IP, browser fingerprint, URL, referrer, user agent | Full session data (first-party) | First-party analytics (private, client-owned) |
| Conversion event | IP, fingerprint, URL, form context | Per-event UUID, value, timestamp | Conversion APIs |
| Form interaction | Field-level interaction data | Interaction events (first-party only) | First-party analytics |
| EHR / patient portal | — | — | Never enters Apex Vault |
| CRM / marketing automation | — | — | Different data path |
What never crosses the wire to a third-party destination: raw IP, browser fingerprint, URL, referrer, user agent, click identifiers (fbclid, gclid), hashed email, hashed phone, hashed name, hashed date of birth, any persistent user identifier. The Conversion API payload carries a per-event UUID, the conversion value, and the timestamp. Nothing else.
Two categories. Five named outputs. Nothing else is configurable.
Visibility into user behavior without forwarding it to Google or Meta (neither will sign a BAA for these products). Private, client-owned instance inside your perimeter. Full session data, no third-party flow. Replaces GA4 / Adobe Analytics.
Each receives a per-event UUID, conversion value, timestamp. No user identifier crosses the wire. Powers Advantage+, Performance Max, Smart Bidding at the aggregate layer.
Anything else — third-party analytics, CRM, marketing automation, clinical systems — is not a configurable output. See Section 03.
Apex Vault is a perimeter proxy for the marketing and analytics surface only. Everything else runs on separate data paths and is untouched.
Every MSO Platform and Enterprise deployment ends with an independent Letter of Attestation before live production data routes through the perimeter.
Dedicated single-tenant deployment on enterprise-grade cloud infrastructure carrying provider-level SOC 2 Type II and ISO 27001 attestations, operated under Apex Vault's direct engineering control. Apex Vault's own posture is CSA CCM / CAIQ self-attested, with SOC 2 Type 1 as the next milestone.
Independent third-party security firm conducts a targeted manual pen test against the client's specific infrastructure before any live production data enters. Cost absorbed by Apex Vault. Findings remediated to zero un-remediated Critical or High under CVSS v3.1.
Independent Letter of Attestation issued. Traffic routing activates only after manual hardening, validation, and the clean attestation. Annual re-validation pen test runs against the deployment for the life of the engagement.
9 weeks for MSO Platform and Enterprise — anchored on the Validation Standard. Independent Practice tier runs a 7-day cycle on shared infrastructure.
Single-tenant environment provisioned on enterprise-grade cloud infrastructure. Initial hardening pass. BAA execution. Pen-test firm engaged. Site survey of the client's tracking deployments.
Apex Vault proxy configured for the client's specific tracking surface. First-party analytics instance provisioned. Conversion API routes wired to client ad accounts. End-to-end testing of sanitized data flow under non-production traffic.
Independent third-party manual pen test against the client's specific infrastructure. Findings reviewed. Remediation to zero un-remediated Critical or High. Re-test as needed.
Letter of Attestation issued. Tracking pixels removed from client site. Traffic routing activates. Sanitized data flow goes live. Annual re-validation pen test scheduled for next cycle.
Independent Practice pricing is public on /core. MSO Platform and Enterprise tier sheets are MNDA-gated — Validation Standard scope, single-tenant terms, annual re-validation cadence, BAA negotiation, indemnification structure.