SECURITY

Security you can trust

We take the security of your data seriously. Here is how we protect your information at every level.

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Database connections use SSL certificates.

JWT-based authentication with configurable expiration. Support for two-factor authentication (2FA) via authenticator apps.

8 hierarchical roles with granular permissions. Backend guards enforce access at the API level — not just in the UI.

Complete logical data isolation between tenants. Each organization can only access their own data, enforced at the database query level.

All significant actions are logged with timestamps and user identification. Audit logs are immutable and available for compliance review.

Hosted on EU-based infrastructure with automated backups, redundancy, and disaster recovery procedures. 99.9% uptime SLA.

Continuous security monitoring and alerting. Automated vulnerability scanning and dependency updates.

Documented incident response procedures. GDPR-compliant breach notification within 72 hours to supervisory authorities.

Passwords are hashed using bcrypt with appropriate cost factors. We never store passwords in plain text.

Have Security Questions?

If you have any questions about our security practices or need a detailed security assessment, please reach out.