SafiTrack is built on enterprise-grade infrastructure with security at every layer. Here's how we protect your business.
All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Database connections use certificate-pinned TLS to prevent interception.
Automated daily backups with point-in-time recovery. Backups are stored in geographically separate regions with independent encryption keys.
Each customer's data is logically isolated with strict row-level security policies. No customer can access another customer's records under any circumstance.
We are actively working toward SOC 2 Type II certification, covering Security, Availability, and Confidentiality trust service criteria. Our internal controls already follow SOC 2 standards.
SafiTrack is fully GDPR compliant. We provide data processing agreements, support data subject access requests, and offer data portability and deletion on demand.
For California-based users and customers, SafiTrack complies with CCPA requirements including the right to know, delete, and opt out of data sales. We never sell personal information.
Our application is hosted on enterprise-grade cloud infrastructure with automatic scaling, multi-zone redundancy, and DDoS protection. Database services run on Supabase with managed PostgreSQL.
We maintain a 99.9% uptime SLA for all paid plans. Real-time monitoring, automated alerting, and on-call engineering ensure rapid incident response. Check our current status at any time.
All API endpoints are protected by rate limiting, WAF rules, and bot detection. Edge network caching and CDN delivery minimize attack surface and improve global performance.
SafiTrack supports email/password authentication with bcrypt hashing, magic link sign-in, and OAuth via Google. Session management uses secure, HttpOnly, SameSite cookies with automatic expiry.
Granular role-based permissions let you control exactly who can view, edit, or delete data across your organization. Admin, manager, and member roles are enforced at the database level.
Every significant action — login, record change, export, permission update — is logged with timestamp, user identity, and IP address. Audit logs are immutable and available for admin review.
Safi AI processes your data to deliver insights and recommendations, but your data is never used to train our models or any third-party models. Your business data stays yours.
AI inference runs in the same region as your primary data store. For Enterprise customers, we offer dedicated inference endpoints and configurable data residency to meet regulatory requirements.
Every AI-generated insight in SafiTrack is clearly labeled as such. We provide confidence indicators and source attribution so your team always knows the basis for recommendations.
Common questions from security and procurement teams.
Yes. We provide a GDPR-compliant Data Processing Agreement to all customers. Contact our team at security@safitrack.com to request one.
Customer data is stored in secure, SOC 2-certified data centers. Primary hosting is in the US with options for EU data residency on Enterprise plans.
We currently support Google OAuth for single sign-on. SAML-based SSO for Enterprise IdPs (Okta, Azure AD) is on our roadmap for Q1 2027.
When you delete data or close your account, all records are permanently removed from primary storage within 30 days and from backups within 90 days.
Yes. We engage independent third-party security firms for annual penetration tests. Additionally, we run continuous vulnerability scanning on our infrastructure.
Absolutely. SafiTrack supports full data export in standard formats (CSV, JSON) at any time. No vendor lock-in — your data is always portable.
Our team is happy to walk through our security practices, provide documentation, or complete your vendor security questionnaire.
We respond to security inquiries within 1 business day