Data Security
- Encryption at rest — All data is encrypted using AES-256
- Encryption in transit — All connections use TLS 1.2+
- Database security — Multi-layer security with regular backups
- Access controls — Role-based permissions with principle of least privilege
Authentication & Access
- Two-factor authentication (2FA) — Available for all accounts
- OAuth integrations — Secure token-based authentication for third-party services
- Session management — Active session monitoring and remote logout
- Role-based access control — Admin, Agent, and Viewer roles with granular permissions
Compliance
- GDPR — Fully compliant with the General Data Protection Regulation
- SOC 2 — Compliance in progress
- Data residency — Options available for data location requirements
Infrastructure
- Cloud hosting — Hosted on enterprise-grade cloud infrastructure
- 99.9% uptime — High availability with redundancy
- Hourly backups — Data is backed up hourly with point-in-time recovery
- Multi-region — Redundancy across multiple data centres
- Global CDN — Fast access from anywhere in the world
Webhook & API Security
- HMAC signature verification — All webhooks are cryptographically signed
- API rate limiting — Protection against abuse
- API key management — Secure token generation and rotation
Data Privacy
- Data retention policies — Configurable data retention periods
- Data export — Export all your data at any time
- Data deletion — Request complete data deletion upon account closure
- Third-party processors — Strict DPA agreements with all sub-processors
Reporting Vulnerabilities
If you discover a security vulnerability, please report it responsibly to security@zupport.app. We take all security reports seriously and will respond promptly.
💡 For more details about our security practices, contact us at support@zupport.app.