Security & Data Processing
In short. Each customer workspace is tenant-isolated as a hard boundary. We use encrypted transport, strong authentication with optional two-factor, least-privilege internal access, and audit logging. Payment card data is handled by our payment processor, not stored by us. This page also lists our subprocessors and explains data processing.
1. Our approach
Security is built into how DataFlair.ai is designed and operated, not added afterwards. We apply defence in depth, least privilege, and the principle that tenant data is a boundary that must not be crossed. This page describes the measures we use and how we handle data processing. It complements the Privacy Policy.
2. Tenant isolation
DataFlair is multi-tenant. Each customer’s workspace and data are logically separated, and the application enforces tenant scoping on data access. Cross-tenant access is treated as a hard security boundary: requests for data outside your workspace are rejected. This isolation is a core architectural principle and is covered by automated tests.
3. Encryption
Traffic between your browser or clients and the platform is encrypted in transit using current TLS. Credentials are stored using one-way hashing. Data at rest is protected by the storage and database controls of our infrastructure providers.
4. Authentication and access control
- Authentication is built on a hardened framework with optional two-factor authentication and scoped API tokens.
- Within a workspace, roles and permissions limit what each user can see and do.
- Internal access to production data is restricted to the few staff who need it, on a least-privilege basis.
- Administrative actions such as support impersonation are restricted and recorded.
5. Audit logging and monitoring
The platform records an audit trail of sensitive actions, capturing who did what and when, for accountability and investigation. We monitor the service for availability and abuse.
6. Infrastructure and hosting
The platform runs on cloud infrastructure provided by DigitalOcean in the United States, with environment separation between development, staging, and production, and regular backups of production data. Domain and certificate management for customer-facing domains is automated.
7. Payment security
Subscription payments are processed by our payment processor (Stripe). Card data is collected and stored by the processor under its own PCI-compliant environment. We do not store full card numbers.
8. Subprocessors
We use a small number of vetted providers to process data on our behalf. The current subprocessors are:
| Subprocessor | Purpose |
|---|---|
| Stripe | Subscription billing, payment processing, and fraud prevention |
| DigitalOcean | Cloud hosting, compute, database, and storage (United States) |
| Sendmail | Transactional account, security, and notification email |
| AI model providers (multiple) | Classification, summarisation, content drafting, and assistant features inside the product |
| Website analytics (planned) | Aggregated website measurement. Not active yet; when introduced it will be consent-based |
We keep providers under contract with confidentiality and data-protection obligations. We will update this list and give notice when subprocessors change. Questions: [email protected].
9. Data processing
For Customer Content, we act as a processor and process it on the customer’s documented instructions to provide the service. For our own customer, billing, and website data, and for the aggregated intelligence we derive, we act as a controller. A data processing agreement is available to customers on request through [email protected]. International transfers are protected by appropriate safeguards as described in the Privacy Policy.
10. Data retention and deletion
Customers can export workspace data through the in-app data export. After termination, data is available for export for a limited window and is then deleted or anonymised, except where we must retain certain records to meet legal obligations. Aggregated and derived intelligence that does not identify a customer or an individual may be retained.
11. Responsible disclosure
If you believe you have found a security vulnerability, please report it to [email protected] with enough detail to reproduce it. Please do not run intrusive or denial-of-service testing against production and do not access data that is not yours. We will acknowledge legitimate reports and work to resolve confirmed issues, and we appreciate good-faith research.
12. Incident response
We maintain procedures to detect, investigate, and respond to security incidents. Where an incident affects personal data and notification is required, we will notify affected customers and authorities consistent with applicable law and our contracts.
13. Contact
For security questions, a data processing agreement, or the subprocessor list, contact [email protected] or [email protected].
Questions about this policy? Email [email protected].