Security & Data Retention

Operational baseline for beta customers

Current Security Baseline

  • - Role-based access controls gate organization, project, and team-management actions.
  • - Login flow includes password hashing, brute-force protection, and login-attempt tracking.
  • - Unexpected server errors are returned as generic `500` responses instead of raw exception text.
  • - Product analytics and server-side event payloads are trimmed/redacted for common secret fields.

Data Retention

  • - Free plan baseline: snapshots/logs retained for 30 days.
  • - Organization/project delete requests are soft-deleted first.
  • - Soft-deleted entities are hard-deleted after a 30-day grace window.

Secret Redaction

Common secret-like keys and token-shaped values are masked before persistence to reduce accidental exposure risk in stored payloads.

Access Control

Organization and project actions are protected by role-based permissions. Users without sufficient roles receive explicit action-level denial messages.

Operational Metadata

We retain security and operations metadata such as user IDs, IP addresses, user-agent strings, and audit records needed for login protection, abuse review, and product operations. This metadata is not treated as marketing content and may appear in internal operational systems even when customer payload content is redacted.

Infra & Monitoring

Service health is monitored with operational alerting and periodic cleanup jobs. Current beta baseline uses Railway-hosted runtime infrastructure and PostHog analytics telemetry with reduced property collection for common sensitive fields.

Region Baseline

Current deployment baseline is US-based infrastructure. Region policy will be updated if dedicated regional hosting is introduced.

Current Limitations

  • - This is an MVP/beta baseline, not a SOC 2, ISO 27001, or enterprise compliance claim.
  • - SSO, MFA enforcement, customer-managed keys, and formal pentest attestations are not yet shipped.
  • - US-only deployment is the current default; regional residency guarantees are not yet offered.
  • - If you need stricter contractual/security controls, treat them as roadmap items unless explicitly agreed in writing.