Security & Compliance
Built on a foundation of trust, transparency, and enterprise-grade protection.
Security Capabilities
Enterprise-grade protection built into every layer of the platform.
Encryption at rest and in transit
All data encrypted with AES-256 at rest and TLS 1.3 in transit. No exceptions.
GDPR compliant
Data subject rights fully supported — export, delete, and portability at any time.
Comprehensive audit trails
Every action logged, timestamped, and traceable. Full visibility for compliance and forensics.
Role-based access control
Fine-grained permissions ensure team members only access what they need.
Compliance Status
SOC 2 Type II
We will commence our Type II audit when we reach 10 paying enterprise customers.
Multi-factor authentication
TOTP and WebAuthn passkey support on the roadmap, with standard password authentication at launch.
Subprocessors
Third-party services that process data on our behalf. Each operates under appropriate data processing agreements.
| Service | Purpose | Location |
|---|---|---|
| Cloudflare | CDN, DDoS protection, DNS | US |
| Resend | Transactional email delivery | US |
| Sentry | Error monitoring and reporting | US |
| HubSpot | CRM and marketing automation | US |
| Better Uptime | Uptime monitoring and status page | EU |