Trust Center
We practice what we preach. ShieldBase is built with the same security standards we help you achieve.
Certifications & Compliance
How We Protect Your Data
Encryption at Rest & In Transit
All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Database connections use SSL with certificate verification.
EU Data Residency
All data is stored exclusively in EU data centers (Supabase EU region). We never transfer data outside the European Economic Area.
Authentication Security
Bcrypt password hashing, optional TOTP two-factor authentication, session management with automatic expiry, and OAuth 2.0 PKCE flows for Google and Microsoft.
Row-Level Security
PostgreSQL row-level security enforces multi-tenant data isolation at the database level, so organizations can only access their own data.
Comprehensive Audit Trail
Every compliance-related action is logged with before/after snapshots. Full audit trail across 20+ endpoints for evidence collection.
BYOK Encryption (Business)
Business-tier customers can bring their own encryption keys for an additional layer of data protection and control.
API Security
Rate limiting (4 tiers), CSRF protection, XSS sanitization, security headers, and request logging on all API endpoints.
GDPR Compliance
Data minimization, purpose limitation, right to erasure, data portability, and privacy by design throughout the platform.
Responsible Disclosure
If you discover a security vulnerability, please report it to [email protected]. We take all reports seriously and will respond within 48 hours.