diff --git a/index.php b/index.php
index f081df1..2125730 100644
--- a/index.php
+++ b/index.php
@@ -323,7 +323,7 @@
                         <a href="#how" onclick="openPage('how'); return false;" class="bg-black text-white px-6 py-3 rounded-2xl text-sm hoverlift">
                             See how it works →
                         </a>
-                        <a href="#security" onclick="openPage('security'); return false;" class="chip px-6 py-3 rounded-2xl text-sm hoverlift">
+                        <a href="#trust" onclick="openPage('trust'); return false;" class="chip px-6 py-3 rounded-2xl text-sm hoverlift">
                             Security →
                         </a>
                     </div>
@@ -534,12 +534,8 @@
         <!-- ========================= END PRICING PAGE ========================= -->
 
         <!-- ========================= SECURITY & TRUST PAGE ========================= -->
-        <section id="page-security" class="page fade hidden">
-<section class="max-w-7xl mx-auto px-6 py-24"> <div class="max-w-3xl"> <span class="inline-block text-sm px-4 py-1 rounded-full bg-gray-100 mb-6"> Security </span> <h1 class="text-5xl font-semibold leading-tight mb-6"> Built to be trusted — not overclaimed. </h1> <p class="text-lg text-gray-600 mb-8"> FinMox is designed to control hiring execution while producing defensible records. We take data handling, access control, and documentation seriously — even in early access. </p> <p class="text-sm text-gray-500"> We believe trust is earned through clear boundaries, not marketing claims. </p> </div> </section>
-<section class="max-w-7xl mx-auto px-6 py-20"> <div class="rounded-3xl bg-[#FAF8F6] p-10"> <h2 class="text-3xl font-semibold mb-6"> Security by design, not bolted on. </h2> <p class="text-gray-700 mb-6"> FinMox does not make autonomous hiring decisions, store unnecessary data, or replace systems of record. This intentionally limits risk. </p> <ul class="space-y-3 text-gray-700"> <li>✔ Humans define intent and make final decisions</li> <li>✔ Systems enforce execution steps and guardrails</li> <li>✔ Documentation is created automatically from actions</li> <li>✔ Data access is limited to what is operationally required</li> </ul> </div> </section>
-<section class="max-w-7xl mx-auto px-6 py-24"> <div class="grid md:grid-cols-2 gap-12"> <div> <h3 class="text-2xl font-semibold mb-4">Data handling</h3> <ul class="space-y-3 text-gray-700"> <li>✔ Data encrypted in transit</li> <li>✔ Minimal data retention by default</li> <li>✔ No resale or training on customer data</li> <li>✔ Clear separation of customer workspaces</li> </ul> </div> <div> <h3 class="text-2xl font-semibold mb-4">Access controls</h3> <ul class="space-y-3 text-gray-700"> <li>✔ Role-based access permissions</li> <li>✔ Explicit user attribution on actions</li> <li>✔ Restricted administrative access</li> <li>✔ Audit visibility into decision activity</li> </ul> </div> </div> </section>
-<section class="max-w-7xl mx-auto px-6 py-24"> <div class="rounded-3xl bg-white p-10 shadow-sm"> <h2 class="text-3xl font-semibold mb-6"> Automatic documentation without added admin work. </h2> <p class="text-gray-700 mb-6"> FinMox creates a decision trail as a byproduct of execution — not as an extra task imposed on teams. </p> <div class="grid md:grid-cols-3 gap-8"> <div> <h4 class="font-semibold mb-2">What’s recorded</h4> <p class="text-gray-600"> Role criteria versions, evaluator inputs, stage changes, overrides, timestamps, and decision outcomes. </p> </div> <div> <h4 class="font-semibold mb-2">What’s avoided</h4> <p class="text-gray-600"> No manual logs, no retroactive justification, no “recreate the story later.” </p> </div> <div> <h4 class="font-semibold mb-2">Why it matters</h4> <p class="text-gray-600"> Creates defensibility for audits, disputes, and internal review. </p> </div> </div> </div> </section>
-<section class="max-w-7xl mx-auto px-6 py-24"> <div class="rounded-3xl bg-[#FAF8F6] p-10"> <h2 class="text-3xl font-semibold mb-6"> Compliance posture </h2> <p class="text-gray-700 mb-6"> FinMox is not currently SOC 2 certified. We do not claim certifications we have not completed. </p> <p class="text-gray-700 mb-6"> However, our architecture and operating procedures are designed with SOC 2 readiness in mind. </p> <ul class="space-y-3 text-gray-700"> <li>✔ Defined access controls</li> <li>✔ Documented operational processes</li> <li>✔ Incident response planning</li> <li>✔ Vendor and data flow awareness</li> </ul> </div> </section><section class="max-w-7xl mx-auto px-6 py-24"> <div class="rounded-3xl bg-white p-10 shadow-sm"> <h2 class="text-3xl font-semibold mb-6"> What FinMox does not do </h2> <ul class="space-y-4 text-gray-700"> <li>• We do not make autonomous hiring decisions</li> <li>• We do not replace payroll, HRIS, or benefits systems</li> <li>• We do not claim bias elimination</li> <li>• We do not sell or repurpose customer data</li> <li>• We do not act outside defined guardrails</li> </ul> </div> </section><section class="max-w-7xl mx-auto px-6 py-24 text-center"> <h2 class="text-3xl font-semibold mb-4"> Trust is built through execution. </h2> <p class="text-gray-600 mb-8"> FinMox earns confidence by controlling how hiring decisions happen — and recording them automatically. </p> <div class="flex justify-center gap-4"> <a href="/apply.php" class="bg-black text-white px-8 py-4 rounded-xl"> Apply for access </a> <a href="/faq.php" class="border px-8 py-4 rounded-xl"> Read the FAQ → </a> </div> </section>
+        <section id="page-trust" class="page fade hidden">
+            <section class="panel-strong p-8 lg:p-10"> <div class="grid lg:grid-cols-12 gap-10 items-start"> <!-- Left --> <div class="lg:col-span-5"> <div class="chip inline-flex px-3 py-1 text-xs">Trust Center</div> <h1 class="mt-5 text-4xl font-extrabold tracking-tight">Built to be trusted.</h1> <p class="mt-5 text-gray-700"> FinMox is designed for consistent execution and defensible hiring records. Security is part of the workflow — not a checklist at the end. </p> <div class="mt-7 flex flex-wrap gap-3"> <a href="#apply" onclick="openPage('apply'); return false;" class="bg-black text-white px-6 py-3 rounded-2xl text-sm hoverlift"> Request Access </a> <a href="#faq" onclick="openPage('faq'); return false;" class="chip px-6 py-3 rounded-2xl text-sm hoverlift"> Read FAQ </a> </div> <div class="mt-7 flex flex-wrap gap-2 text-xs text-gray-600"> <span class="chip px-3 py-1">Human-in-the-loop</span> <span class="chip px-3 py-1">Audit-ready trails</span> <span class="chip px-3 py-1">Least privilege</span> <span class="chip px-3 py-1">Encryption</span> <span class="chip px-3 py-1">SOC 2 path</span> </div> <div class="mt-7 panel p-6"> <div class="text-sm font-semibold">Trust by design</div> <div class="mt-2 text-sm text-gray-700"> FinMox enforces execution steps (intake → qualification → movement → decision trail), so records are created automatically — without extra admin work. </div> <div class="mt-4 flex flex-wrap gap-2"> <span class="chip px-3 py-1 text-xs">Criteria versioning</span> <span class="chip px-3 py-1 text-xs">Override rationale</span> <span class="chip px-3 py-1 text-xs">Exportable logs</span> </div> </div> </div><!-- TRUST PAGE (PART 2/3) --> <!-- Right --> <div class="lg:col-span-7"> <div class="panel p-6"> <div class="text-sm font-semibold">Security summary (procurement-friendly)</div> <div class="mt-1 text-sm text-gray-600"> The controls enterprise reviewers expect — written plainly. </div> <div class="mt-5 grid sm:grid-cols-2 gap-4"> <div class="panel-strong p-5 hoverlift"> <div class="text-xs text-gray-500">Decision integrity</div> <div class="mt-2 text-sm text-gray-700"> Criteria is versioned. Overrides require rationale. Actions are logged. </div> <div class="mt-4 flex flex-wrap gap-2"> <span class="chip px-2 py-1 text-xs">Versioned</span> <span class="chip px-2 py-1 text-xs">Rationale</span> <span class="chip px-2 py-1 text-xs">Logged</span> </div> </div> <div class="panel-strong p-5 hoverlift"> <div class="text-xs text-gray-500">Access controls</div> <div class="mt-2 text-sm text-gray-700"> Role-based access supported. Least privilege by default. </div> <div class="mt-4 flex flex-wrap gap-2"> <span class="chip px-2 py-1 text-xs">RBAC</span> <span class="chip px-2 py-1 text-xs">Least privilege</span> <span class="chip px-2 py-1 text-xs">Reviews</span> </div> </div> <div class="panel-strong p-5 hoverlift"> <div class="text-xs text-gray-500">Encryption</div> <div class="mt-2 text-sm text-gray-700"> Encryption in transit + at rest (provider-supported). </div> <div class="mt-4 flex flex-wrap gap-2"> <span class="chip px-2 py-1 text-xs">TLS</span> <span class="chip px-2 py-1 text-xs">At-rest</span> <span class="chip px-2 py-1 text-xs">Keys</span> </div> </div> <div class="panel-strong p-5 hoverlift"> <div class="text-xs text-gray-500">Audit exports</div> <div class="mt-2 text-sm text-gray-700"> Decision trails are exportable for audit and compliance workflows. </div> <div class="mt-4 flex flex-wrap gap-2"> <span class="chip px-2 py-1 text-xs">Decision log</span> <span class="chip px-2 py-1 text-xs">Exports</span> <span class="chip px-2 py-1 text-xs">Records</span> </div></div></div> <div class="mt-6 panel p-6"> <div class="text-sm font-semibold">Common security questions</div> <div class="mt-4 grid gap-3"> <details class="panel-strong p-5"> <summary class="flex items-center justify-between"> <span>Is AI making hiring decisions?</span> <span class="chip px-2 py-1 text-xs text-gray-600">No</span> </summary> <div class="mt-3 text-sm text-gray-700"> Humans define criteria and make final decisions. FinMox enforces execution and records outcomes. </div> </details> <details class="panel-strong p-5"> <summary class="flex items-center justify-between"> <span>Do you support role-based access?</span> <span class="chip px-2 py-1 text-xs text-gray-600">Yes</span> </summary> <div class="mt-3 text-sm text-gray-700"> Teams can scope access by role and follow least-privilege practices. </div> </details> <details class="panel-strong p-5"> <summary class="flex items-center justify-between"> <span>Are actions logged and exportable?</span> <span class="chip px-2 py-1 text-xs text-gray-600">Yes</span> </summary> <div class="mt-3 text-sm text-gray-700"> Execution events create a defensible record: criteria versions, timestamps, overrides, and outcomes. </div> </details> <details class="panel-strong p-5"> <summary class="flex items-center justify-between"> <span>Are you SOC 2 certified?</span> <span class="chip px-2 py-1 text-xs text-gray-600">In progress</span> </summary> <div class="mt-3 text-sm text-gray-700"> SOC 2 prep is in progress. We won’t claim certification until it’s complete. </div> </details> </div> </div> <div class="mt-6 panel-strong p-8"> <div class="flex flex-col md:flex-row md:items-center justify-between gap-6"> <div> <div class="text-sm font-semibold">Need a security packet for procurement?</div> <div class="text-sm text-gray-600 mt-1"> Request access and we’ll share the right artifacts for your review. </div> </div> <div class="flex flex-wrap gap-3"> <a href="#apply" onclick="openPage('apply'); return false;" class="bg-black text-white px-6 py-3 rounded-2xl text-sm hoverlift"> Request Access </a> </div> </div> </div> </div> </div> </section>
         </section>
         <!-- ========================= END SECURITY & TRUST PAGE ========================= -->
 
diff --git a/trust.php b/trust.php
deleted file mode 100644
index c11386b..0000000
--- a/trust.php
+++ /dev/null
@@ -1,53 +0,0 @@
-<!DOCTYPE html>
-<html lang="en">
-<head>
-    <meta charset="UTF-8" />
-    <meta name="viewport" content="width=device-width, initial-scale=1.0" />
-    <title>FinMox — Security & Trust</title>
-    <!-- Tailwind CDN (AppWizzy-safe) -->
-    <script src="https://cdn.tailwindcss.com"></script>
-    <!-- Font -->
-    <link href="https://fonts.googleapis.com/css2?family=Inter:wght@300;400;500;600;700;800&display=swap" rel="stylesheet">
-    <link rel="stylesheet" href="assets/css/custom.css">
-</head>
-<body class="bg-warm">
-    <!-- TOP NAV -->
-    <header class="max-w-7xl mx-auto px-6 py-5">
-        <div class="flex items-center justify-between">
-            <div class="font-extrabold text-lg">FinMox</div>
-            <div class="hidden md:flex items-center gap-1 text-sm" id="nav-links">
-                <!-- Links will be injected by JS -->
-            </div>
-            <div class="md:hidden">
-                <button id="menu-button" class="p-2">
-                    <svg xmlns="http://www.w3.org/2000/svg" class="h-6 w-6" fill="none" viewBox="0 0 24 24" stroke="currentColor">
-                        <path stroke-linecap="round" stroke-linejoin="round" stroke-width="2" d="M4 6h16M4 12h16m-7 6h7" />
-                    </svg>
-                </button>
-            </div>
-        </div>
-        <!-- Mobile Menu -->
-        <div id="mobile-menu" class="hidden md:hidden mt-4">
-            <!-- Mobile links will be injected by JS -->
-        </div>
-    </header>
-
-    <main class="max-w-7xl mx-auto p-6">
-        <section id="page-trust" class="page fade">
-            <h1 class="text-5xl font-semibold leading-tight mb-6">Security & Trust</h1>
-        </section>
-    </main>
-
-    <!-- FOOTER -->
-    <footer class="max-w-7xl mx-auto px-6 pb-16">
-        <div class="panel-strong p-6 flex flex-col md:flex-row md:items-center justify-between gap-4 text-sm text-gray-600">
-            <div>FinMox © 2025</div>
-            <div id="footer-links" class="flex flex-wrap gap-3">
-                <!-- Footer links will be injected by JS -->
-            </div>
-        </div>
-    </footer>
-
-    <script src="assets/js/main.js?v=<?php echo time(); ?>"></script>
-</body>
-</html>
\ No newline at end of file