Security & compliance
Built for the bar industrial enterprises set.
The software we build runs in industrial environments where uptime, safety, and compliance are non-negotiable. Our security posture is built and maintained accordingly.
Architecture & data residency
- Hosted on AWS (EU Frankfurt region)
- Tenant isolation: per-customer data, per-customer integration credentials
- Encryption at rest (AES-256) and in transit (TLS 1.2+)
Authentication & access
- OTP-based authentication
- Role-based access control (RBAC)
- Audit logging on sensitive operations
Audits & approvals
- BP InfoSec cleared
- CBRE InfoSec cleared
- External pen-test completed (annual cycle)
Compliance
- GDPR-aligned (EU data residency, DPA available)
- DPA available on request
- DPO contact: [email protected]
Vulnerability disclosure
Found a security issue? Email [email protected]. We respond within 1 business day.
