Self-generating SQF reports
Score history, findings export, sub-supplier roll-up - exportable as CSV or PDF with one click.
Food & Beverage compliance
Every CoA, validated against the clause your auditor will check.
SQF Edition 9, BRCGS Issue 9, FDA FSMA, FSSAI and HACCP - Tracegence reads each document, runs it through the rule engine, and writes an audit-grade trail.
Shipping today
Your next audit
Calm, confident & closed.
Walk into your next SQF or BRCGS audit with no last-minute document hunts and no supplier follow-ups. Every CoA, allergen statement, sanitation log and calibration cert sits in one row-level-secure repository, organised by folder, tagged by supplier, indexed by expiry.
When the auditor asks "show me the cocoa CoA from March", it takes one search. When they ask "is this lot allergen-tested?", the rule engine already validated against SQF §2.4.6 and the cited clause is on the document's findings page.
On-time supplier submissions
Tokenised email links + 5-tier expiry alerts (30/14/7/1 days) eliminate "did you ever send that CoA?" emails.
Digital production forms
Shop-floor capture on iPad/Android. CoAs, calibration logs, sanitation checks - all flow into the same audit log.
Automatic customer certifications
Outbound document share (Q3 2026) - your customers pull the latest cert from a tokenised URL with no email attachments.
< 30s
Per-document validation
100%
Rejections cite the clause
Built on the rulebook
The clauses your auditor cites are the clauses we check.
Generic compliance tools rely on keywords and templates. Tracegence retrieves the actual rulebook clause for the document type, asks Vertex AI to compare the extracted fields against it, and writes the citation into the validation finding.
A reviewer reading the failing record sees: the rule, the clause, the offending field, and the model's reasoning. No black-box "AI rejected this" - every decision is auditable.
SQF Edition 9 corpus
§2.4.6 Allergen control · §2.4.8 Lot traceability · §5.2.1 Document signing · §6.3.4 Shelf life.
BRCGS Issue 9 corpus
§3.5 Supplier approval · §5.6.1 Calibration · §6.2 Product defence · §3.5.4 Specifications.
FDA 21 CFR Part 117
§117.135 Process controls · §117.305 Records · §117.475 Allergen labelling.
Bring-your-own corpus
Drop SQF / BRCGS / FDA / FSSAI PDFs into the rulebook directory. RAG re-embeds in one command.
12+
Document types pre-typed
Less paperwork, more sales - when certification stops being a fire drill.
SQF certification ready
- ✓ Track supplier compliance with time-stamped approvals
- ✓ Digital HACCP documentation (CCP records, deviation logs)
- ✓ Pre-audit readiness reports - clause-level pass/fail
- ✓ Allergen attestation enforced at upload time
Acme DairyLot ML-2026-0438
✓ SQF §2.4.6 Allergen
✓ SQF §6.3.4 Expiry +180d
✓ SQF §5.2.1 Signed
✓ RAG conforms (0.93)
Status · successful
< 30s
Validation time
4×
Above industry adoption
BRCGS compliance
- ✓ Document version control with one-click restore
- ✓ Real-time compliance status - every doc, every supplier
- ✓ Role-based access · Owner/Admin/Manager/Client/Auditor
- ✓ §6.2 product defence: PDF tamper detection ML
What this looks like in food safety
Concrete capabilities a QA manager can verify in the demo.
Allergen attestation
Every CoA has its allergen test method extracted, and a signed-by-QA-manager attestation enforced as a rule. Unsigned CoAs auto-rejected.
Lot traceability across docs
Cross-doc consistency: lot ID on the CoA must equal the shipping doc and the finished-product label. One mismatch raises an explainable finding.
Approved supplier check
Each raw material has a current CoA from an approved supplier with a valid date. Expired or unapproved suppliers blocked at upload time.
PDF tamper detection
Fraud model flags layered fonts, missing signature blocks, and template-recycled CoAs before they enter the supplier file.
No backdated records
Records are dated, signed and indelible by Postgres trigger. Even an admin cannot rewrite the audit log.
Critical control point evidence
Sanitation logs, pest control reports, and calibration certs typed and indexed; expiry alerts at 30 / 14 / 7 / 1 days out.
Watch a CoA flow through the pipeline
Hover any stage to see what happens, or hit Play to auto-advance. Each stage maps to a real module in the codebase.
01
Capture
Supplier drops the CoA via the portal or a tokenized email link. Stored in S3 with a tenant-prefixed key. Storage delta event emitted for billing.
POST /public/supplier-upload/<token> 1 / 6
Try the rule engine on a CoA
Toggle between a clean and a broken CoA. Hit Validate. Watch each rule fire with the cited SQF/BRCGS clause and the offending field.
Certificate of Analysis
extracted by Vertex AI Gemini · confidence 0.94- Supplier
- Acme Dairy Co.
- Product
- Skim Milk Powder
- Lot Number
- ML-2026-0438
- Manufacture Date
- 2026-04-12
- Expiry Date
- 2026-11-15
- Test Method
- USDA AMS 2.4.6
- Signed By
- Q. Chen, QA Manager
Validation receipt
Hit Validate to run the rule engine.
Detail: each stage in plain English
- 01
Capture
Supplier drops the CoA via a tokenized email link or the portal. Stored in S3 with a tenant-prefixed key.
POST /public/supplier-upload/<token> - 02
OCR + classify
AWS Textract pulls forms and tables. Vertex AI Gemini decides "this is a CoA" and pulls supplier, lot, expiry, test method, signature.
apps/pipeline/textract.py - 03
Validate
Rule engine fires required_fields, expiry_in_future, signed, and a rag_check that retrieves SQF §2.4.6 and asks Gemini whether this CoA conforms.
apps/validation/engine.py - 04
Audit trail
Every status change written to an append-only log with a Postgres trigger blocking UPDATE/DELETE. Object Lock retention on Enterprise.
apps/audit_log/views.py
Document types ready to go
Certificate of Analysis (CoA)Allergen statementSafety Data Sheet (SDS)HACCP planSQF certificateBRCGS certificateFDA registration letterPest control reportSanitation logCalibration certificateTraining recordMock-recall reportAudit report
See it cite the clause.
Spin up a tenant, upload a sample CoA, watch SQF §2.4.6 validation run live.