
Security is built into the database layer, not bolted on at the edge. Here are the real controls every system ships with — in plain terms, for the engineer evaluating us and the business trusting us with its data.
.jpg&w=3840&q=75)
The controls
Security lives in Postgres, not in application discipline. Every product enables Row-Level Security on every table, from day one.
Every inbound webhook is cryptographically verified before it can touch data — with constant-time comparison and, where relevant, a replay guard.
Public surfaces are gated before they reach the database or an LLM, so cost and abuse are bounded.
A public WhatsApp number is an open pipe to a language model. Untrusted input is sanitised at ingestion, before it is ever stored.
Tokens stay out of the browser, secrets stay out of the bundle, and every response ships hardened headers.
Sensitive systems keep a tamper-evident record of what happened — by construction, not by convention.
.jpg&w=3840&q=75)
Governance — POPIA / PAIA
Beyond a privacy policy: documented breach response, an annual review cadence, a PAIA manual and a designated Information Officer — the operational governance most studios never write down.
A documented six-step procedure (detect & contain → assess → notify the Information Regulator within 72 hours → notify data subjects → remediate → post-incident review) with a four-level severity matrix and named third-party processor contacts.
A signed yearly review across governance, lawful-processing conditions, data-subject rights, safeguards, operators, privacy notices and breach readiness — with a documented data-retention schedule.
A Promotion of Access to Information Act manual establishing the company as a private body with a designated Information Officer and defined record categories (including the operator/responsible-party split for client data).
Production data for SA-facing products is hosted in the af-south-1 (Cape Town) region; cross-border processing (e.g. the AI provider) is covered by the provider's data-processing agreement.
.jpg&w=3840&q=75)
Where verification stands
These controls are real and in code. The most recent review was an internal pre-launch security audit (rated good, no critical findings; the medium-severity items found were resolved). Independent penetration testing is on the roadmap and is gated before scaling past 1,000 tenants — we describe what exists, not certifications we don't yet hold.
.jpg&w=3840&q=75)
RLS, signed webhooks, append-only audit and a documented compliance posture — you own all of it.