EvidenceOps

Security

How we protect your compliance data.

Data Storage

Database: Your workspace data (requests, evidence metadata, summaries) is stored in Neon PostgreSQL, a managed database service with encryption at rest.

File Storage: Evidence files (PDFs, images) are stored in Vercel Blob, a managed object storage service. Files are encrypted at rest and in transit.

Location: Data is stored in US regions. Contact us if you have specific data residency requirements.

Tenant Isolation

Each workspace is fully isolated. All database queries include workspace ID filters enforced at the application level. There is no cross-tenant data access.

Workspace members can only access data within their workspace. Users cannot view, modify, or export data from other workspaces.

Authentication

User Authentication: We use Clerk for user authentication. Clerk provides secure session management, password policies, and multi-factor authentication options.

Auditor Tokens: Auditors access exports via time-limited, read-only tokens. These tokens grant access only to specific exports and cannot modify any data. Tokens can be revoked at any time.

Access Control

Workspaces have two roles: Owner and Member.

  • Owners can manage billing, invite members, and configure workspace settings
  • Members can upload evidence, create requests, and generate exports
  • Auditors (via tokens) can only view and download exports

Auditor Portal

The auditor portal is strictly read-only. Auditors can:

  • View exports assigned to their token
  • Download export ZIP files
  • View export metadata and evidence summaries

Auditors cannot upload files, modify evidence, or access workspace settings. All auditor access is logged.

Export Immutability

Once an export is generated, its contents cannot be changed. Each export includes:

  • Export ID: Unique identifier for audit trail
  • Generated At: Timestamp of generation
  • Worker Version: Build SHA that generated the export
  • File Checksums: SHA-256 hashes of included files

This metadata allows auditors to verify export integrity and provides a clear audit trail.
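
An added example, not EvidenceOps code: one way an auditor could check a downloaded export ZIP against the SHA-256 file checksums listed in the export metadata. The name-to-digest mapping, the function names and the sample file names are assumptions, since this page does not specify the metadata format; the expected checksums are passed in separately because they should come from the metadata shown in the portal, not from the ZIP being checked.

```python
import hashlib
import io
import zipfile

def sha256_stream(fh, chunk=1 << 20):
    """Hash a file object in chunks so large evidence files are not loaded whole."""
    h = hashlib.sha256()
    for block in iter(lambda: fh.read(chunk), b""):
        h.update(block)
    return h.hexdigest()

def verify_export(zip_bytes, checksums):
    """Compare every file in the ZIP with its expected SHA-256 hex digest.

    checksums: {file name: hex digest} (assumed shape of the export metadata).
    Returns the files that differ, are absent, or were not listed at all.
    """
    report = {"mismatch": [], "missing": [], "unexpected": []}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        names = {i.filename for i in zf.infolist() if not i.is_dir()}
        for name, expected in sorted(checksums.items()):
            if name not in names:
                report["missing"].append(name)
                continue
            with zf.open(name) as fh:
                if sha256_stream(fh) != expected.strip().lower():
                    report["mismatch"].append(name)
        # A file with no listed checksum is unverified content, so report it.
        report["unexpected"] = sorted(names - set(checksums))
    return report

def build_sample_export(files):
    """Build an in-memory ZIP from {name: bytes}; used only for the sample below."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in files.items():
            zf.writestr(name, data)
    return buf.getvalue()

# Constructed sample data, not a real export.
SAMPLE_FILES = {"evidence/policy.pdf": b"%PDF constructed sample",
                "evidence/screenshot.png": b"\x89PNG constructed sample"}
SAMPLE_CHECKSUMS = {n: hashlib.sha256(d).hexdigest() for n, d in SAMPLE_FILES.items()}

if __name__ == "__main__":
    print(verify_export(build_sample_export(SAMPLE_FILES), SAMPLE_CHECKSUMS))
    altered = dict(SAMPLE_FILES, **{"evidence/policy.pdf": b"altered", "extra.txt": b"x"})
    print(verify_export(build_sample_export(altered), SAMPLE_CHECKSUMS))
```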

Access Logging

We log key actions for audit and debugging purposes:

  • User login events
  • Evidence uploads and deletions
  • Export generation and downloads
  • Auditor token creation and usage
  • Billing and plan changes
  • Auditor portal access events (page views, export views, downloads)

Auditor Access Tracking: We record auditor access events including the token used, timestamp, and page type. IP addresses are stored as salted hashes for traceability without storing raw IP data. Audit logs are retained for 90 days.

Logs are retained for operational purposes. Sensitive data (passwords, tokens, raw IP addresses) is never logged in plaintext.

Data Retention

Exports: Export files are retained for 90 days by default. Expired exports are automatically deleted.

Evidence: Evidence files are retained as long as your workspace is active. Soft-deleted evidence is permanently removed after 30 days.

Account Deletion: You can request complete data deletion at any time. Contact support with your workspace ID.

Requesting Data Deletion

To request deletion of your workspace and all associated data:

  1. Email support with your workspace ID (found in Settings)
  2. We'll verify your identity as a workspace owner
  3. Deletion is completed within 48 hours
  4. You'll receive confirmation once complete

Deletion permanently removes all evidence files, exports, requests, and workspace configuration. This action cannot be undone.

Security Questions?

If you have security questions or need to report a vulnerability, please contact us. We take all security reports seriously.
