How we protect your data.
The non-marketing version — what we actually do, what we do not do yet, and how to report a vulnerability.
Tenant-isolated, not just tenant-scoped.
Every customer gets a dedicated database. We do not use a shared schema with a tenant_id column — there is no row-level multi-tenancy. Your inventory, customer and order data live in their own database, on shared infrastructure but in separate logical tenancies, via Stancl Tenancy.
The central database holds your account, subdomain, subscription and the encrypted credentials for your marketplace connections. Tenant databases hold everything else.
At rest, in transit, and on the wire to marketplaces.
In transit
TLS 1.2+ on every request. HTTPS-only cookies. No HTTP fallback.
At rest
Database storage encrypted by our hosting provider. Sensitive columns encrypted at the application layer via Laravel's encrypted casts.
Marketplace tokens
OAuth refresh tokens, API keys and webhook secrets are AES-256 encrypted at the column level before they touch disk.
Roles, permissions, and a paper trail.
What we don't have yet.
Most security pages bury the negatives. We list them here so you know going in.
SOC 2 Type II attestation
Targeting Q3 2026. We have the controls; we do not yet have the audit.
HIPAA / healthcare compliance
Not in scope. Don't put PHI in our system.
PCI DSS scope
We don't touch payment card data. Cards go through your marketplace's native payouts, never through us.
Public bug bounty
No public-facing bounty program yet. We do honour responsible disclosure — see below.
Found a security issue?
Please email [email protected] with details. We acknowledge within one business day and keep you informed through remediation.
For machine-readable disclosure info, see our /.well-known/security.txt file (RFC 9116).
Security questions for a sales conversation?
Send specifics. Our engineers — not a salesperson — will reply.