Enterprise Security

Security & Compliance

Your data security is our top priority. We maintain the highest standards of security and compliance.

Encryption at rest & in transit

All data is encrypted at rest using AES-256 via Google Cloud Firestore. All connections use TLS 1.3. Integration credentials are encrypted and never exposed in exports.

GDPR Compliant

Export all your data or request permanent account deletion at any time from your Profile page. We never sell personal data to third parties.

Security headers enforced

Every response includes Content Security Policy, HSTS, X-Frame-Options, X-Content-Type-Options, and Referrer-Policy headers following OWASP best practices.

Google Cloud infrastructure

Hosted on Vercel's global edge network with Google Cloud Firestore. Firebase Authentication manages credentials with industry-standard token rotation and secure session handling.

Compliance & Certifications

We maintain the highest standards of security and compliance.

GDPR — data export and deletion available to all users
AES-256 encryption at rest (Google Cloud Firestore)
TLS 1.3 in transit on all connections
Content Security Policy + HSTS on every response
Role-based access control (Admin / Manager / Operator)
Audit logging on critical operations
SOC 2 Type II — audit in progress
Data Processing Agreement (DPA) available on request

Have questions about security?

Contact our security team for more information about our security practices and compliance.

Contact Security Team