Data encryption
All data is encrypted in transit using TLS 1.2+ and encrypted at rest using AES-256. Secrets and credentials are stored in dedicated, access-controlled vaults.
Infrastructure
The Service runs on reputable cloud infrastructure with physical security, network isolation, automated backups and redundancy across availability zones.
Access control
We enforce role-based access, the principle of least privilege, and strong authentication for internal systems. Customer-facing accounts support granular permissions and (where enabled) single sign-on.
Monitoring & resilience
We log and monitor system activity, maintain automated daily backups, and operate an incident response process with defined escalation and customer-notification steps.
Application security
Security is built into our development lifecycle through code review, dependency scanning and periodic vulnerability testing of the platform.
Compliance
We align our practices with the GDPR (see our GDPR page and DPA) and industry best practices such as the SOC 2 framework. Available reports and certifications can be requested under NDA.
Responsible disclosure
Found a vulnerability? We appreciate responsible disclosure. Email security@zoidii.info with details and we will respond promptly. Please do not publicly disclose until we have had a reasonable opportunity to remediate.