Trust

Built to survive a security review.

You're routing revenue-grade data through us. We treat it like it's ours to lose — encrypted everywhere, scoped per store, and audited by people who don't work here.

SOC 2
Type II
AES-256
At rest
TLS 1.3
In transit
72h
Breach SLA

How the data stays safe

Per-store isolation

Every query is scoped to a store id and the owning account. One workspace can never read another's touches — it's enforced at the data layer, not just the UI.

Encryption everywhere

TLS 1.3 on the wire, AES-256 at rest. Secrets live in a managed vault, never in source or logs.

Least-privilege access

Engineer access to production is role-gated, time-boxed, and logged. No standing keys to your data.

First-party by design

Because identity never leaves the originating domain, a breach can't expose a cross-site graph that we simply don't build.

Independent testing

Annual third-party penetration tests plus continuous automated scanning. Summaries available under NDA.

Vulnerability disclosure

A published security contact and a no-retaliation policy for researchers who report issues in good faith.

Need the full report?

SOC 2 Type II, pen-test summary, DPA, and subprocessor list are ready the moment your review kicks off.