We implement industry-standard security practices to keep your organization's data safe.
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. Your passwords are hashed using bcrypt with salting.
Hosted on Vercel with automatic DDoS protection. Database hosted on Supabase with daily automated backups and point-in-time recovery.
Secure session management with JWT tokens. Support for passwordless email link authentication. Sessions expire after 7 days of inactivity.
Workspace-level permissions with Owner, Admin, and Member roles. Users only see data within their workspace.
Your data is stored in secure data centers in the United States (AWS US-West-2). We use Supabase for our database, which provides managed PostgreSQL hosting with daily backups.
We retain your data for as long as your account is active. When you delete your account, all personal data is removed within 30 days. Billing records may be retained as required by law.
We use trusted third-party services that maintain their own security standards:
You can export your data at any time from the Settings page. You have the right to access, correct, or delete your personal information. For data-related requests, please contact us.
If you have security concerns or want to report a vulnerability, please contact us.
Contact Us