Your data is safe with us
We take the security of our customers' data seriously. Here is exactly how we protect it.
Encryption everywhere
All data in transit is protected by TLS 1.3. All data at rest, including database backups, is encrypted with AES-256.
- TLS 1.3 on all endpoints
- AES-256 at rest
- Encrypted automated backups
Strong authentication
Authentication uses JWTs: short-lived access tokens (15 min) and rotating refresh tokens (7 days). Passwords are hashed with bcrypt using modern cost factors.
- Short-lived access tokens
- Rotating refresh tokens
- bcrypt password hashing
- Google OAuth 2.0 support
Role-based access control
Five distinct roles (super_admin, owner, admin, manager, member) with granular permissions on every endpoint. Impersonation is tracked in audit logs.
- Multi-tier role hierarchy
- Per-endpoint permission checks
- Auditable admin impersonation
Enterprise infrastructure
Hosted on Railway and Vercel with a global CDN, automatic DDoS protection, and a 99.9% SLA target. The database is backed up every 24 hours, with point-in-time recovery.
- Global edge CDN
- Automatic DDoS mitigation
- Daily database backups
- Point-in-time recovery
Data isolation
Every query filters by companyId at the application layer. No cross-tenant data leakage is possible by design.
- Per-company row-level filtering
- No shared caches between tenants
- Full data export on request
Compliance & privacy
Aligned with GDPR, KVKK (Turkey), and Saudi PDPL. Right to export, right to delete, and full transparency on subprocessors.
- GDPR aligned
- KVKK compliant
- Saudi PDPL aligned
- Data Subject Rights API
Report a vulnerability
If you've discovered a security issue, please email us at security@zyrix.co