Security & Compliance

Enterprise-grade security with AES-256 encryption and SOC 2 compliance

Security Score

98/100

Excellent — All critical controls active

Score is calculated from 8 weighted categories: encryption at rest & in transit (25%), authentication method (15%), compliance certifications (15%), access logging (10%), infrastructure isolation (10%), backup policy (10%), data processing agreements (10%), and penetration testing (5%). ISO 27001 certification is in progress — completing it will bring the score to 100.

Encryption at Rest

Active

AES-256 encryption for all stored data

Encryption in Transit

Active

TLS 1.3 for all data transfers

OAuth 2.0 Authentication

Active

Secure token-based auth for all integrations

SOC 2 Type II

Compliant

Annual audit — last completed Jan 2026

Data Access Logging

Active

All access events logged and auditable

Infrastructure Isolation

Active

Dedicated VPC with private subnets

Automated Backups

Active

Hourly encrypted backups with 30-day retention

GDPR Compliance

Compliant

Data processing agreement available on request

Security Event Log

14:30:00Data encrypted at rest — AES-256Verified

14:25:00TLS 1.3 connection verified — Stripe APIVerified

14:20:00Access token refreshed — Shopify OAuthVerified

14:15:00SOC 2 compliance check passedVerified

14:10:00Failed login attempt — IP 192.168.x.x blockedBlocked

14:05:00Database backup completed — encryptedVerified

14:00:00API rate limit check — all endpoints healthyVerified

Compliance Certifications

SOC 2 Type II

Certified

Jan 2026

GDPR

Compliant

Ongoing

CCPA

Compliant

Ongoing

ISO 27001

In Progress

Est. Q3 2026