Security, Privacy & Trust

Last updated: October 26, 2023

We understand that you trust us with your critical business data. Our security posture is built around three core engineering philosophies: Zero-Trust Access, Immutable Infrastructure, and Data Minimization.

Rather than relying on retroactive compliance checklists, we have structurally engineered our application from day one to eliminate common threat vectors such as credential leaks, human server misconfiguration, and unauthorized cross-tenant data access.


1. Data Infrastructure & Hosting

Enterprise Cloud Infrastructure

Our primary application instances and production database environment are hosted within high-availability, enterprise-grade data centers located in the Australia Region.

  • Compute Engine: Isolated Linux Virtual Private Servers (VPS) optimized for dedicated performance.
  • Declarative Provisioning: Our host infrastructure is entirely immutable. Servers are provisioned deterministically using an automated cloud-init configuration engine. This ensures absolute environment consistency and eliminates the risk of manual configuration drift, human error, or unauthorized accidental changes.

Multi-Tenant Data Isolation

We utilize a secure multi-tenant architecture with logical data separation strictly enforced at the database layer.

  • All client data is mapped via relational Foreign Key constraints referencing a strict, isolated entity identifier (tenant_id / company_id).
  • Data boundary isolation is aggressively enforced at the application API gateway level prior to any database read or write operation, guaranteeing that tenants can never access or modify data belonging to another organization.

2. Encryption & Data Protection

Data in Transit

All external network traffic traversing our system is encrypted using industry-standard Transport Layer Security (TLS 1.2 and TLS 1.3) protocols.

  • Edge Termination & Enforced HTTPS: Encryption is managed and terminated at our high-performance edge reverse proxy. All legacy HTTP traffic is automatically and permanently redirected to HTTPS at the infrastructure edge before reaching any application logic.
  • Automatic SSL Renewal: Cryptographic certificates are automatically managed and rotated via automated ACME-driven certificate authorities, ensuring transit vectors remain secure against interception or downgrade attacks.

Data at Rest & Secrets Management

  • Cryptographic Backups: Production data is continuously protected via cryptographic snapshotting. Application backups are timestamped and symmetrically encrypted using high-entropy keys before being distributed across three distinct, physically isolated storage volumes.
  • Deployment Secrets: Application secrets, API integrations, and database credentials are never hardcoded in source control. Credentials are secure-injected dynamically during deployment via encrypted CI/CD runners into protected production environment states, guarded by hardened Unix file-system permissions (chmod 600) restricted exclusively to root processes.

3. Product Security & Authentication

Zero-Password Authentication (OTP)

To completely eliminate the risk of password-stuffing attacks, brute-force exploits, and credential harvesting, our platform utilizes a secure Passwordless Identity Model.

  • Users authenticate purely via a time-delimited, high-entropy One-Time Password (OTP) delivered securely to their corporate email inbox.
  • This architecture leverages the pre-existing enterprise security policies (such as corporate Single Sign-On and Multi-Factor Authentication) enforced by your organization's own email provider.

Application-Level RBAC

Authorization boundaries are handled through robust Role-Based Access Control (RBAC) embedded inside our core .NET micro-services platform.

  • Access tokens are continually validated against assigned role scopes (e.g., Admin, Read/Write, Read-Only).
  • Unauthorized CRUD (Create, Read, Update, Delete) calls are rejected and blocked at the application framework level before interacting with the database engine.

4. Operational Security & Business Continuity

Hardened Remote Access

Administrative access to our production server cluster is locked down using the principle of least privilege:

  • Key-Based Authentication Only: All password-based SSH access is permanently disabled. Access is permitted strictly via cryptographic SSH key-pairs.
  • Network Obfuscation & Firewalls: The standard SSH management port has been relocated to a non-standard, irregular port structure to prevent automated scanning bots. Host-level firewalls are strictly configured to drop all incoming traffic except explicitly whiterouted HTTP, HTTPS, and administrative ports.

Masked Audit Logging

Our platform maintains discrete application logs designed to support internal compliance investigations while respecting modern data minimization practices.

  • Mutation Tracking: Every major state change—including the creation, modification, and deletion of business records—is recorded along with user attribution data.
  • Privacy Masking: System identifiers and sensitive fields within audit logs are partially masked at the time of ingest to satisfy data minimization standards.
  • Strict Retention: All application logs operate on an automated, non-reversible rotation schedule and are permanently purged after 90 days.

Delivery Pipeline Monitoring

Continuous deployment integrity is actively monitored. Our integrated CI/CD pipeline triggers immediate alerts and delivery failure hooks directly to engineering channels upon any compilation or deployment anomaly, ensuring operational transparency.


5. Compliance, Legal & Subprocessors

Regulatory Alignment & Data Rights

We adopt a Privacy by Design methodology, aligning our internal development practices with core international privacy guidelines, including the Australian Privacy Principles (APPs) and the EU General Data Protection Regulation (GDPR).

  • Roadmap Commitments: We are actively developing native self-service data erasure tools to seamlessly accommodate automated data deletion and "Right to Be Forgotten" compliance workflows for canceling organizations.
  • Compliance Evolution: We actively partner with our early customers to adapt our structural controls to match their precise regional regulatory frameworks as they scale.

Subprocessor Directory

We explicitly limit the distribution of user data to a highly restricted, enterprise-grade vendor ecosystem. Our core subprocessors maintain exceptional security credentials:

SubprocessorCore Service ProvidedKey Security Compliance Status
ContaboCore Bare-Metal Infrastructure & Compute HostingISO 27001 Aligned Facilities, Strict Role-Based Physical Controls, German Quality Engineering Standards
Zoho ZeptoMailTransactional & Authentication Email DeliverySOC 2 Type II Certified, ISO 27001, ISO 27701, GDPR Compliant Infrastructure, Full Data Encryption At-Rest (EAR)

Looking for our Privacy Policy or Terms of Service?
You can find our legal agreements directly at /privacy and /terms. For deeper architecture questionnaires or technical security assessments, please contact our support team at [email protected].