Your data security is our top priority. We implement industry-leading practices to keep your commission data safe and secure.
All data is encrypted in transit using TLS 1.3 and at rest using AES-256.
Sensitive fields like OAuth tokens and API keys are encrypted with separate keys.
Row-level security ensures complete data isolation between organizations.
Independently audited and certified for security, availability, and confidentiality.
Full compliance with international data protection regulations.
Secure authentication with Google, Discord, and other providers.
Comprehensive logging of all user actions and system events.
24/7 security monitoring and automated threat detection.
Daily encrypted backups with point-in-time recovery.
Hosted on Supabase (PostgreSQL) and Vercel with automatic scaling, DDoS protection, and 99.9% uptime SLA.
Role-based access control (RBAC) with granular permissions. Multi-factor authentication (MFA) available for all accounts.
Regular penetration testing, vulnerability scanning, and code security audits by third-party experts.
Rate limiting, request validation, and API key rotation. All API endpoints require authentication.
Full compliance with the EU General Data Protection Regulation. Data processing agreements available upon request.
California Consumer Privacy Act compliant. Users can request data deletion and export at any time.
Independently audited for security, availability, processing integrity, confidentiality, and privacy.
Information security management system aligned with ISO 27001 standards.
If you discover a security vulnerability, please report it to us immediately. We appreciate responsible disclosure and will work with you to address any issues.
Email: support@reportflow.uk
Please do not publicly disclose vulnerabilities until we have had a chance to address them.