Trust center
Security posture, in plain language.
We won't claim attestations we don't hold. Below is what we actually run today, what's on the roadmap, and which third parties touch your data.
- TLS 1.3 · AES-256-GCM: encrypted in transit + rest
- EU default residency: Frankfurt · eu-central-1
- SHA-256 audit hash: tamper-evident chain per tenant
- 0 cross-tenant incidents: tested on every commit
- 100% TLS in transit: HSTS preload · no HTTP fallback
Security posture
What we run today.
Live = production-verified. Roadmap items have a target date.
Multi-tenant isolation
Live: Every database row carries org_id and every query goes through a scoped repository. Cross-tenant access is a P0 incident — the test suite explicitly verifies this on every commit.
TLS in transit
Live: All public endpoints + internal service-to-service hops enforce TLS. HSTS preload + no HTTP fallback.
Hash-chained audit log
Live: SHA-256 over canonical JSON. prev_hash + self_hash on every row. /audit/verify endpoint replays the chain in seconds.
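The hash chain described above, as an added illustration that is not the product's own code: a minimal per-tenant chain builder and a verifier that replays the chain from genesis the way an /audit/verify endpoint would. The row layout, the all-zero genesis value and the canonical-JSON rules (sorted keys, no whitespace) are assumptions, and the sample events are constructed.

```python
import hashlib
import json
from typing import List, Optional, Tuple

GENESIS = "0" * 64  # assumption: chains start from an all-zero hash


def canonical_json(payload: dict) -> bytes:
    """Canonical form assumed here: sorted keys, no whitespace, UTF-8."""
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def row_hash(prev_hash: str, payload: dict) -> str:
    """self_hash = SHA-256(prev_hash || canonical JSON of the row payload)."""
    return hashlib.sha256(prev_hash.encode() + canonical_json(payload)).hexdigest()


def append_row(chain: List[dict], payload: dict) -> dict:
    """Append a row whose prev_hash links to the previous row's self_hash."""
    prev = chain[-1]["self_hash"] if chain else GENESIS
    row = {"payload": payload, "prev_hash": prev, "self_hash": row_hash(prev, payload)}
    chain.append(row)
    return row


def verify_chain(chain: List[dict]) -> Tuple[bool, Optional[int]]:
    """Replay the chain from genesis; return (ok, index of the first bad row)."""
    expected_prev = GENESIS
    for i, row in enumerate(chain):
        # A deleted, reordered or inserted row breaks the prev_hash link.
        if row["prev_hash"] != expected_prev:
            return False, i
        # An edited payload (or a forged self_hash) fails recomputation.
        if row["self_hash"] != row_hash(row["prev_hash"], row["payload"]):
            return False, i
        expected_prev = row["self_hash"]
    return True, None


def sample_chain() -> List[dict]:
    """Constructed sample: three audit events for one tenant (org_id 42)."""
    chain: List[dict] = []
    for seq, action in enumerate(["login", "role.change", "export"]):
        append_row(chain, {"org_id": 42, "seq": seq, "action": action, "actor": "u_1"})
    return chain
```

Note that re-hashing an edited row only moves the break to the following row, which is why the verifier reports the first inconsistent index rather than stopping at a single row check.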
RBAC + least-privilege
Live: 5 roles (Owner / Admin / Reviewer / Member / Viewer) enforced on every write endpoint. Permission matrix is org-configurable.
Webhook signature verification
Live: HMAC-SHA256 with constant-time comparison. Fail-closed: missing secret = rejected.
EU data residency
Live: Frankfurt (eu-central-1) by default. Tenant-level override to UK, US, APAC, India, Canada, or Brazil.
SAML 2.0 SSO + SCIM
Enterprise tier: Okta, Azure AD, Google Workspace, OneLogin. Enforce-SSO toggle disables password login org-wide.
Bring-your-own KMS
Enterprise tier: Customer-managed encryption keys via AWS KMS or Azure Key Vault. Quarterly rotation.
Penetration testing
Q3 2026: Independent CREST-certified pentest commissioned for Q3 2026.
SOC 2 Type II
In progress: Observation period started Q4 2025. Report expected H2 2026.
ISO 27001
Roadmap: Stage 1 audit Q1 2027. Stage 2 expected Q2 2027.
Sub-processors
Who touches your data.
The full list. We never add a sub-processor without notifying customers in advance via the in-app changelog + email.
| Sub-processor | Purpose | Region |
|---|---|---|
| AWS (eu-central-1) | Tenant database + storage | EU |
| Anthropic | Counsel + classification LLM | US (DPF) |
| Cloudflare | DDoS + WAF | Global |
| Sentry (EU) | Error monitoring | EU |
| Stripe | Billing (Enterprise + Growth) | EU |
| Postmark | Transactional email | EU |
Legal
Procurement docs ready before the demo.
The standard pack: DPA (Article 28), Standard Contractual Clauses (Module 2 + 3), sub-processor list (above), security questionnaire pre-filled (SIG Lite, VSA, CAIQ available). Ask on the demo form and we'll send the bundle ahead of the call.
GDPR Article 28 DPA
Standard Contractual Clauses
Sub-processor list
Security questionnaire (SIG Lite)
Vendor Security Assessment (VSA)
CSA CAIQ
Privacy policy
Cookie policy
Have a security question?
Our team will send the procurement pack ahead of the demo so you can route it to InfoSec while we schedule.