Security & compliance
Enterprise-grade from day one
Encryption, multi-tenancy, EU residency, and an append-only audit log are available at the July 1, 2026 GA. Tamper-evident immutable storage, SCIM, and SAML are on the V1.5 roadmap.
Available July 1, 2026
Three controls, built in from day one
Encryption at rest + in transit
AES-256 for data at rest, TLS 1.3 in transit. Live in production today.
EU data residency
All customer data hosted in europe-west1 (Belgium). Live in production today.
Multi-tenancy isolation
Row-level security enforces tenant boundaries on every query. Live in production today.
Access control
RBAC and approvals
Basic role-based access control ships today. Approval workflows for sensitive content are on the HQ tier today.
Identity
SSO today, SCIM/SAML on the roadmap
Email, Google, and Microsoft SSO ship today on every paid tier. SAML 2.0 and SCIM 2.0 provisioning are on the V1.5 roadmap so your IT team can revoke access in seconds post-launch.
Audit
Append-only audit log
Every action (login, post, share, role change) is captured in an append-only audit log with application-level write protections, live on the HQ tier today. Tamper-evident, immutable storage is on the roadmap.
Compliance posture
Live status across the controls auditors ask about first.
SOC 2
In progress
GDPR
Compliant
EU residency
europe-west1
TLS 1.3
Enforced
AES-256
At rest
Multi-tenant
RLS enforced
Related