The Processor implements appropriate technical and organisational measures (TOMs) to ensure a level of security appropriate to the risk, including, at minimum:
Encryption: TLS 1.2 or higher for data in transit. AES-256 or equivalent for data at rest in the primary database (Convex).
Access control: role-based access enforced via Clerk authentication; principle of least privilege for engineering access to production systems; multi-factor authentication required for staff with production access; audit log of administrative actions retained for at least 90 days.
Network: production systems behind firewall and reverse proxy; dedicated per-customer compute on Hetzner with isolation between instances; no shared production database tenancy at the row level across customers.
Integrity: continuous monitoring of error rates and unauthorised access attempts; cron-based health and security checks; quality gate that reviews every outbound message before send.
Resilience: nightly backups of customer data with point-in-time recovery available through the Convex platform; documented incident response procedure.
Vulnerability management: dependency scanning on continuous integration; documented patching cadence for production hosts.
These TOMs may be updated from time to time provided the level of security is not materially reduced.