Security

Last updated May 7, 2026

Security is not a feature at DossFox — it's the floor. The dossiers our customers entrust to us contain identity documents, financial records, and confidential client material. We treat them accordingly.

Infrastructure

  • Hosted on AWS, region pinned per customer (default eu-west-1).
  • Cloudflare in front of every origin; DDoS mitigation always on.
  • Origin TLS via Cloudflare Origin CA, mTLS optional on Scale.
  • Daily encrypted backups with 35-day retention.

Encryption

  • TLS 1.3 in transit. HSTS preloaded.
  • AES-256-GCM at rest. Per-workspace data encryption keys.
  • Customer-managed keys (BYOK) on Scale.

Access control

  • SAML / OIDC SSO on Team and Scale.
  • Mandatory MFA for DossFox staff. Hardware-key only on production.
  • Just-in-time privilege escalation; every action logged and reviewed.

Audit & compliance

  • GDPR-aligned by design.
  • SOC 2 Type II — target completion Q3 2027.
  • ISO 27001 — target 2028.
  • Per-workspace immutable audit log; one-click export.

Vulnerability disclosure

Found something? Email [email protected] (PGP available on request). We acknowledge within 24 hours and aim to ship a fix within 7 days for high-severity issues. Researchers acting in good faith are not pursued and are recognised in our hall of fame.

Subprocessors

  • AWS — hosting (EU).
  • Cloudflare — edge & TLS (global).
  • Stripe — billing (US, SCC).
  • Postmark — transactional email (EU).
  • Sentry — error monitoring (EU).
  • fal.ai — branding asset generation only; never customer dossier data.

Incident response

We follow a documented IR playbook. Customers are notified within 72 hours of any incident affecting their data, with a written postmortem within 30 days.