InsightFlow
Secure data environment

Trust & Security

Your research data deserves the highest protection. We've implemented comprehensive security measures to protect your data at every level.

Encrypted

TLS 1.3 in transit, AES-256 at rest

Isolated

Row-level security for data isolation

Compliant

GDPR & Privacy Act aligned

Infrastructure Security

Cloud Infrastructure

ComponentProviderSecurity
Application HostingVercel
SOC 2 Type II
DatabaseSupabase (AWS)
SOC 2 Compliant
AI ProcessingOpenAI
Enterprise Security
PaymentsStripe
PCI DSS Level 1

Network Security

  • DDoS Protection: Automatic mitigation at the edge
  • Web Application Firewall: Protection against common attacks
  • Rate Limiting: Prevention of abuse and brute force attempts
  • Geographic Routing: Optimal performance and redundancy

Data Protection

Encryption

  • In Transit: TLS 1.3 (HTTPS everywhere)
  • At Rest: AES-256 encryption
  • Backups: Encrypted with separate key management

Data Isolation

Your data is completely isolated from other clients:

Client A Data ←→ [RLS Boundary] ←→ Client B Data

↑ Cannot access each other

Compliance

Privacy Regulations

  • Australian Privacy Act 1988
    Compliant
  • GDPR (EU)
    Compliant
  • CCPA (California)
    Compliant

Industry Standards

  • ESOMAR Guidelines
    Aligned
  • AMSRS Code
    Aligned
  • ISO 20252 (Market Research)
    In Progress

Operational Security

Business Continuity

  • Uptime Target99.5%
  • Backup FrequencyContinuous
  • Recovery Time (RTO)< 4 hours
  • Recovery Point (RPO)< 1 hour

Monitoring

  • 24/7 Monitoring: Automated alerting
  • Performance Tracking: Real-time metrics
  • Error Tracking: Immediate notification
  • Status Page: View status →

Your Controls

Data Export

Export your data anytime in JSON, CSV, Excel, or Markdown formats.

Privacy Settings

Control consent language, data retention, and team access permissions.

Account Security

Change password, view sessions, and manage access tokens.

Frequently Asked Questions

Is my data shared with other clients?

No. Your data is completely isolated. Row-level security ensures no other client can ever access your data.

Does OpenAI train on my data?

No. We use OpenAI's API which does not use customer data for training. Your prompts and responses are processed and discarded.

Where is my data stored?

Data is stored in secure data centres primarily in the United States and Australia, with encryption at rest and in transit.

What happens if there's a breach?

We will notify you within 72 hours, provide details of what occurred, and take immediate steps to remediate and prevent future incidents.

Have Questions?

For security concerns, compliance documentation, or any questions about how we protect your data.