All docs
Security
How your data is protected
Every record is scoped to your organization (multi-tenant isolation enforced on the server). Sensitive PII — your email/name and contact email/phone — is encrypted at rest with AES-256-GCM. Secrets live in AWS Secrets Manager / SSM, never in code. Sensitive actions are recorded in the audit log (Settings → Audit Log), and API endpoints are rate-limited against abuse.