Enterprise-Grade Security
Your data security is our top priority. We implement industry-leading security practices to protect your business.
Compliance & Certifications
SOC 2 Type II
Certified
Annual audit of security controls
GDPR
Compliant
EU data protection standards
CCPA
Compliant
California privacy requirements
PCI DSS
Compliant
Payment card security (via Stripe)
Security Features
Encryption
- 256-bit TLS encryption in transit
- AES-256 encryption at rest
- End-to-end encryption for sensitive data
Infrastructure
- Hosted on AWS with SOC 2 certified data centers
- Multi-region redundancy
- Automated backups with 30-day retention
Access Control
- Role-based access control (RBAC)
- Multi-factor authentication (MFA)
- SSO support via SAML/OIDC
Monitoring
- 24/7 security monitoring
- Intrusion detection systems
- Regular penetration testing
Data Protection Practices
Data Isolation
Each customer's data is logically isolated. Row-level security ensures you only access your own data.
Secure File Processing
Uploaded blueprints and photos are processed in isolated environments and deleted after extraction unless you choose to save them.
Employee Access
Strict access controls limit employee access to customer data. All access is logged and audited.
Incident Response
We maintain a comprehensive incident response plan with 24-hour notification for security incidents.
Vendor Security
All third-party vendors are vetted for security compliance. We only work with SOC 2 certified providers.
Report a Vulnerability
We appreciate responsible disclosure. If you discover a security vulnerability, please report it to our security team.