Security
Treated like an engineering requirement.
Maritime, energy, and the businesses that serve them operate under rising cyber scrutiny. Here's plainly how we protect your data — no buzzwords, no overclaiming.
Read-only Google access
We ask only for permission to read your Search Console and Analytics data. The platform cannot modify or delete anything in your Google account — the access simply doesn't allow it.
Credentials encrypted at the application layer
The tokens that let us read your data are encrypted before they're ever stored, using AES-256-GCM with a key held outside the database. A database leak alone would yield nothing usable.
Your data is isolated from every other client
Each client's data is partitioned at the database layer and enforced by policy, not convention. We verify this with an automated cross-tenant test before any real client is onboarded.
Built for a regulated vertical
Strict security headers on every response, rate limiting on public and AI endpoints, and admin access protected by multi-factor authentication. Singapore PDPA compliance with a published privacy policy.
Want the specifics for a procurement or security review? We're happy to walk through the details.
Talk to us