Security

Our commitment to protecting your data and maintaining platform security.

Security Overview

At Compliage, security is fundamental to everything we do. We implement industry-standard security practices to protect your data and ensure platform reliability.

Infrastructure Security

Hosting and Network

  • Secure hosting infrastructure with regular security updates
  • HTTPS encryption for all data in transit
  • Firewall protection and intrusion detection
  • Regular security patches and system updates

Database Security

  • PostgreSQL database with encrypted connections
  • Regular automated backups
  • Access controls and authentication
  • Data encryption at rest

Application Security

Authentication

  • Passwordless magic link authentication via email
  • Session management with secure tokens
  • Automatic session expiration
  • Protection against common attacks (CSRF, XSS)

Data Protection

  • Role-based access control (RBAC)
  • Data isolation between accounts
  • Input validation and sanitization
  • Secure API endpoints

Third-Party Services

We carefully select security-conscious third-party services:

  • Stripe: PCI-compliant payment processing
  • Resend: Secure email delivery
  • Plausible: Privacy-friendly analytics (no cookies, no personal data)

Development Practices

  • Code review process for all changes
  • Automated testing and continuous integration
  • Dependency scanning for known vulnerabilities
  • Principle of least privilege for system access

Monitoring and Response

System Monitoring

  • 24/7 automated monitoring and alerting
  • Error tracking and logging
  • Performance monitoring
  • Uptime tracking

Incident Response

In the event of a security incident, we have procedures to:

  • Quickly identify and contain the issue
  • Investigate root cause
  • Notify affected users when required
  • Implement fixes and preventive measures

Data Handling

Data Minimization

We only collect data necessary to provide our service. We do not collect or store unnecessary personal information.

Data Retention

We retain your data while your account is active and for a reasonable period afterward to comply with legal obligations.

Data Deletion

You can request account deletion at any time. We will delete your personal data within 30 days, except where retention is required by law.

Compliance

  • Regular security assessments
  • Compliance with data protection regulations
  • Privacy by design principles
  • Transparent security practices

Responsible Disclosure

If you discover a security vulnerability, please report it responsibly:

  • Email us at team@compliage.com with details
  • Allow us reasonable time to investigate and address the issue
  • Do not exploit the vulnerability or disclose it publicly before we've resolved it

We appreciate security researchers who help us maintain a secure platform.

User Responsibilities

Security is a shared responsibility. You can help protect your account by:

  • Using a secure email account for authentication
  • Not sharing your account access with others
  • Reporting suspicious activity immediately
  • Keeping your contact information up to date

Questions

For security-related questions or concerns, contact us at team@compliage.com.
