Skip to content
PlatformUse CasesBlogAboutSecurity
Request early access
Security

Your data stays yours

Process data is sensitive — it maps how your entire business operates. Every layer of Sancalana is built with that reality in mind.

SECURITY ARCHITECTURE🛡CLIENT LAYERTLS 1.3 · CSP · HSTS · SRIAPI GATEWAYRate limiting · JWT · RBACAPPLICATION LAYERIsolated VPC · WAF · IDSDATA LAYERAES-256 at rest · TLS in transit · Customer-managed keysINFRASTRUCTUREAWS · SOC 2 · Multi-AZ · Automated backups

SOC 2 Type II

Audit in progress. Designed from day one around SOC 2 controls for security, availability, and confidentiality.

Encryption

AES-256 encryption at rest. TLS 1.3 in transit. Customer-managed encryption keys planned for Enterprise tier.

Infrastructure

Hosted on AWS with isolated VPCs, multi-AZ deployment, and automated backups. Targeting 99.9% uptime SLA at GA.

Access Controls

Role-based access control, SSO (SAML 2.0, OIDC), multi-factor authentication, and audit logging.

Compliance

GDPR compliant. HIPAA readiness in progress. ISO 27001 aligned. Annual penetration testing planned.

Data Ownership

You own your data. Full export at any time. Data deletion on request. No vendor lock-in.

99.9%

Uptime target

You control

Data retention

Planned

Annual pen tests

Privacy Policy →Terms of Service →

Need more detail?

We're happy to share SOC 2 reports, answer security questionnaires, or walk through our architecture with your team.

Request early access