Security & Compliance

Built to pass procurement review on the first round.

Every control below is enforced in the codebase. The DPA, sub-processor list, and security paper are forwardable to your CISO and DPO before kickoff.

Request the security paper →See sub-processors

Hubtiq / SecuritySeven controls

01 · Identity

SAML 2.0 SSO per tenant.

JWT carries an explicit tenant claim. Access tokens TTL ≤ 15 min. Refresh-token rotation with replay detection.

SAML 2.0

SP-initiated and IdP-initiated flows. Per-tenant metadata.

OIDC

On the roadmap. Local password fallback retained for operators.

Token lifetime

Access ≤ 15 min. Refresh rotated on every use.

Step-up auth

Required for impersonation and destructive admin actions.

SAML 2.0SP / IdP-initOIDC · planned

02 · Data isolation

Two layers. Defense in depth.

PostgreSQL Row-Level Security policies enforce tenant boundaries at the database. NestJS guards validate the JWT tenant claim on every request.

Database

27 tenant-scoped tables, 27 RLS policies, drift-tested per release.

Application

NestJS guards on every controller. Cross-tenant calls fail closed.

Contract tests

Tenant-isolation suite gates every merge to main.

Backups

Per-tenant restore supported. Tested quarterly.

RLS · 27/27NestJS guardsContract-tested

03 · Audit log

Immutable. Append-only. Forwardable.

Every privileged action is captured: admin, ops, impersonation, integration delivery. 7-year default retention, configurable per tenant.

Append-only

Application cannot mutate or delete events.

Export

Per-tenant NDJSON or JSON, signed for chain-of-custody.

Retention

7 years by default. Per-tenant override on contract.

SIEM-friendly

Optional streaming to your SIEM via webhook.

Append-only7-year defaultSIEM stream

04 · GDPR

EU-resident, DPA-ready, right-to-erasure.

EU data residency. Sub-processors documented and version-controlled. DPA / AVV available before contract. Right-to-erasure tooling for tenant admins.

Residency

Tenant data stays in the EU. Backups in the EU.

DPA / AVV

Standard template. Negotiable on request.

Sub-processors

Documented, change-notified to admins.

Right to erasure

Tenant admins can scope-delete records they control.

EU-residentDPA availableRtE tooling

05 · Operational security

Hardened defaults across the stack.

Secrets encrypted at rest with key rotation. Daily backups with 35-day retention and a quarterly restore drill. HTTPS-only with HSTS preload.

Secrets

Encrypted at rest. Key rotation on schedule.

Backups

Daily snapshots, 35-day retention, restore drilled quarterly.

Transport

TLS 1.3, HSTS preload, certificate transparency monitoring.

Headers

Helmet-based defaults on every response. CSP per tenant.

HSTS preloadCSP per tenantDaily backup

06 · Incident response

S1 in 24 hours. S2 in 4 hours.

PagerDuty rotation. Every incident closes with a 5-Whys and a prevention plan published to a customer-facing channel.

S1 · Data exposure

Customer-facing notice inside 24 hours.

S2 · Service down

Status updates inside 4 hours.

Postmortems

5-Whys and prevention plan, published.

Rotation

PagerDuty on-call, 24/7 coverage.

S1 · 24 hS2 · 4 hPagerDuty

07 · Certifications

Honestly framed.

We name what we carry and what we're working toward, with dates. Annual pentest by an external firm.

ISO 27001

Audit in progress. Target Q4. Statement of Applicability available.

SOC 2 type II

On the roadmap behind ISO 27001.

Pentest

Annual, external firm. Findings shared under NDA.

Bug bounty

Private program, coordinated disclosure.

ISO 27001 · in progressSOC 2 II · roadmapAnnual pentest

Sub-processors

Everyone who touches your data.

Documented and version-controlled. Admins are notified of every change.

ProviderPurposeData classRegion

AWSCompute, storage, managed PostgreSQLTenant dataEU

SendGridTransactional emailEmail metadataEU

SentryError monitoringDiagnosticsEU

StripeSubscription billingBilling onlyEU

CloudflareCDN, DDoS protection, WAFEdge metadataEU PoPs

PagerDutyIncident escalationDiagnosticsEU

Talk to our team

Thirty minutes. End to end.

Builder · runtime · opsReply within one business day

Tell us about the form problem you're trying to solve. We'll show you how we'd ship it on Hubtiq: builder, runtime, integrations admin, ops surface.

Request a demo →