Security & Privacy
Enterprise-grade security
Your data and your customers' data is safe with us. Here's exactly how we protect it.
🔒
SOC 2 Type II
In progress — Q3 2025
🇪🇺
GDPR
Compliant
🔐
HTTPS / TLS 1.3
Active
☁️
ISO 27001 Storage
Geo-redundant
🔐
Encryption
- All data encrypted at rest using AES-256
- TLS 1.3 for all data in transit
- Database-level encryption at rest and in transit
- Webhook payloads signed with HMAC-SHA256
🛡️
Infrastructure
- Hosted on isolated cloud infrastructure
- Automatic backups every 6 hours with 30-day retention
- Rate limiting on all API endpoints
- 99.99% uptime SLA with real-time incident monitoring
🔑
Access Control
- Role-based access control (RBAC) on Enterprise
- SSO / SAML 2.0 support on Enterprise
- JWT-based session tokens with short expiry
- API keys scoped to minimum required permissions
📋
Compliance
- GDPR-compliant data processing
- Data residency options for Enterprise
- Right to erasure — delete visitor data on request
- Cookie-free tracking option available
Infrastructure at a glance
🗄️
Isolated database cluster
Dedicated per-region storage
⚡
High-availability queuing
Zero message loss guarantee
🪲
Real-time error monitoring
Instant incident alerting
🔬
AI observability
Full trace logging (Enterprise)
☁️
Geo-redundant storage
Document + media files
📧
Transactional email
Notifications & summaries
Found a vulnerability? We have a responsible disclosure program.
security@oyechats.com