Encryption everywhere
TLS 1.3 in transit. AES-256-GCM at rest. Per-tenant keys for integration credentials.
Row-Level Security
Postgres RLS enforces tenant isolation at the database layer. Application bugs cannot leak data across tenants.
Role-based access
Super Admin → Admin → Manager → Sales Rep, with optional custom roles. Every API call is scoped.
Audit trails
Every mutation is logged with actor, timestamp, before/after diff. Exportable for compliance reviews.
Hardened infra
ISO-27001 certified data centers in India. WAF, DDoS protection and rate limiting on every endpoint.
Compliance ready
DPDP Act alignment, RERA-compliant data handling, DPA available on request.
Responsible disclosure.
Found a vulnerability? We appreciate your help. Email security@sconsett.com with details — please give us 90 days to remediate before public disclosure. We acknowledge every report within 48 hours and credit researchers in our hall of fame.
Need a DPA, SOC report, or security questionnaire?
We'll turn it around within 3 business days.
Talk to our team