Security Practices

How we protect platform data — encryption, access control, backups, audit logging.

_Last updated: 2026-05-16_

This page describes the technical and organisational measures Integrora applies to protect customer data. It supports our Data Processing Addendum, which contains the legally binding commitments.

Encryption

  • In transit: TLS 1.2+ for every connection between client, edge, and backend.
  • At rest: AES-256 for the application database and object storage.
  • Secrets (API tokens, integration credentials) are encrypted with Fernet (AES-128-CBC with an HMAC-SHA256 tag) under a per-environment key that is rotated.

Access control

  • Role-based access control with seven built-in roles per tenant (owner, admin, manager, accountant, hr, viewer, employee) plus per-department scoping.
  • Two-factor authentication (TOTP) is mandatory for admin / owner roles and recommended for everyone else.
  • Platform-level admin access is restricted to named engineering staff and audit-logged.
  • Customer data is segregated by `tenant_id` at the database layer; every read query enforces the tenant scope.
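The tenant-scoping pattern described above, as an added example rather than Integrora's own code: a read layer that attaches the `tenant_id` predicate itself, so a caller cannot forget it or override it. The table, columns, the `ScopedReader` class name and the sample rows are constructed for this example; the point is that a valid record id belonging to another tenant reads back as absent.

```python
"""Tenant-scoped read layer: an added example, not Integrora's code.

Demonstrates the page's claim that every read enforces the tenant scope.
Table, columns, class name and sample data are constructed for the example.
"""
import sqlite3
from typing import Any, Optional

# Allowlist of readable tables and their columns. Identifiers are checked
# here before any SQL is built, so nothing user-controlled is interpolated.
READABLE = {
    "invoices": ("id", "tenant_id", "amount"),
}

SCHEMA = """
CREATE TABLE invoices (
    id        INTEGER PRIMARY KEY,
    tenant_id TEXT    NOT NULL,
    amount    INTEGER NOT NULL
);
CREATE INDEX invoices_tenant ON invoices (tenant_id);
"""

# Constructed sample data: two tenants sharing one table.
SAMPLE_ROWS = [
    (1, "tenant-a", 100),
    (2, "tenant-a", 250),
    (3, "tenant-b", 999),
]


def build_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    conn.executemany("INSERT INTO invoices VALUES (?, ?, ?)", SAMPLE_ROWS)
    return conn


class ScopedReader:
    """Reads for exactly one tenant. The tenant predicate is added by this
    class on every statement; callers supply only column filters, and all
    values are bound as parameters."""

    def __init__(self, conn: sqlite3.Connection, tenant_id: str):
        if not tenant_id:
            raise ValueError("tenant_id is required")
        self._conn = conn
        self._tenant_id = tenant_id

    def select(self, table: str, **filters: Any) -> list[tuple]:
        columns = READABLE.get(table)
        if columns is None:
            raise ValueError(f"table not readable: {table!r}")
        unknown = set(filters) - set(columns)
        if unknown:
            raise ValueError(f"unknown columns: {sorted(unknown)}")
        if "tenant_id" in filters:
            # The caller may not widen or move the scope, even to its own id.
            raise ValueError("tenant_id is set by the reader, not the caller")
        clauses = ["tenant_id = ?"]
        params: list[Any] = [self._tenant_id]
        for col, val in filters.items():
            clauses.append(f"{col} = ?")
            params.append(val)
        sql = f"SELECT {', '.join(columns)} FROM {table} WHERE {' AND '.join(clauses)}"
        return self._conn.execute(sql, params).fetchall()

    def get(self, table: str, row_id: int) -> Optional[tuple]:
        """Fetch by primary key. An id that exists but belongs to another
        tenant returns None, which is what defeats id guessing across tenants."""
        rows = self.select(table, id=row_id)
        return rows[0] if rows else None


def demo() -> dict:
    conn = build_db()
    a = ScopedReader(conn, "tenant-a")
    b = ScopedReader(conn, "tenant-b")
    try:
        a.select("invoices", tenant_id="tenant-b")
        override_rejected = False
    except ValueError:
        override_rejected = True
    return {
        "a_total": sum(r[2] for r in a.select("invoices")),
        "b_total": sum(r[2] for r in b.select("invoices")),
        # tenant-a asking for tenant-b's invoice id 3 gets nothing back.
        "a_reads_3": a.get("invoices", 3),
        "b_reads_3": b.get("invoices", 3),
        "override_rejected": override_rejected,
    }


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is that the scope lives in the reader object, not in each query string: a code review then only has to confirm that readers are constructed from the authenticated session's tenant, rather than inspecting every `WHERE` clause in the codebase.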

Backups and recovery

  • Application database: daily backups, retained for 30 days.
  • Object storage: continuous replication; document metadata follows the database backup cadence.
  • Disaster recovery plan rehearsed twice per year; RPO ≤ 24 hours, RTO ≤ 8 hours.

Audit logging

  • Every administrative action on the platform side is recorded in a tamper-resistant audit log (append-only with trigger-blocked update/truncate).
  • Customer-side actions (record create, update, delete, signature, email send) are recorded in the per-tenant activity log.
  • Logs are retained for one year on Starter, three years on Professional, and five years on Enterprise.
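The append-only mechanism described above, as an added example and not Integrora's own schema: a log table whose UPDATE and DELETE paths are refused by triggers, run here against an in-memory SQLite database with constructed events. SQLite has no TRUNCATE statement, so the DELETE trigger stands in for the truncate case (and SQLite disables its bulk-delete shortcut when a table has triggers, so the trigger fires for an unfiltered DELETE as well). Table and column names are invented for the example.

```python
"""Append-only audit log enforced by triggers: an added example, not
Integrora's code. Shows inserts succeeding while UPDATE and DELETE are
refused at the database layer. Schema and events are constructed.
"""
import sqlite3
from datetime import datetime, timezone

SCHEMA = """
CREATE TABLE audit_log (
    id          INTEGER PRIMARY KEY,
    occurred_at TEXT NOT NULL,
    actor       TEXT NOT NULL,
    action      TEXT NOT NULL,
    target      TEXT NOT NULL
);

-- Rows may be appended but never changed or removed through SQL.
CREATE TRIGGER audit_log_no_update
BEFORE UPDATE ON audit_log
BEGIN
    SELECT RAISE(ABORT, 'audit_log is append-only: UPDATE blocked');
END;

CREATE TRIGGER audit_log_no_delete
BEFORE DELETE ON audit_log
BEGIN
    SELECT RAISE(ABORT, 'audit_log is append-only: DELETE blocked');
END;
"""


def open_audit_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def record(conn: sqlite3.Connection, actor: str, action: str, target: str) -> int:
    """Append one event and return its row id."""
    cur = conn.execute(
        "INSERT INTO audit_log (occurred_at, actor, action, target) VALUES (?, ?, ?, ?)",
        (datetime.now(timezone.utc).isoformat(), actor, action, target),
    )
    conn.commit()
    return cur.lastrowid


def attempt(conn: sqlite3.Connection, sql: str, params: tuple = ()) -> str:
    """Run a statement that the triggers should refuse and report the outcome.
    RAISE(ABORT) surfaces as a constraint error, so DatabaseError covers it."""
    try:
        conn.execute(sql, params)
        conn.commit()
        return "allowed"
    except sqlite3.DatabaseError as exc:
        conn.rollback()
        return f"blocked: {exc}"


def demo() -> dict:
    conn = open_audit_db()
    # Constructed events: a platform admin grants, then revokes, production access.
    first = record(conn, "eng-alice", "grant_prod_access", "eng-bob")
    record(conn, "eng-alice", "revoke_prod_access", "eng-bob")
    return {
        "rewrite_actor": attempt(
            conn, "UPDATE audit_log SET actor = 'nobody' WHERE id = ?", (first,)
        ),
        "delete_one": attempt(conn, "DELETE FROM audit_log WHERE id = ?", (first,)),
        "delete_all": attempt(conn, "DELETE FROM audit_log"),
        "rows_after": conn.execute("SELECT COUNT(*) FROM audit_log").fetchone()[0],
    }


if __name__ == "__main__":
    for key, value in demo().items():
        print(f"{key}: {value}")
```

Two caveats a reviewer of such a scheme would raise. Triggers stop modification through ordinary SQL from the application role; a role that can `DROP TRIGGER` or alter the table can still rewrite history, so the application's database role should lack DDL rights on the log table and the trigger definitions themselves should be covered by schema change monitoring. On PostgreSQL, row-level triggers do not fire for `TRUNCATE`; blocking it needs a separate statement-level `BEFORE TRUNCATE` trigger, which is presumably what the page's "trigger-blocked update/truncate" refers to.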

Vulnerability management

  • Dependencies are scanned for known vulnerabilities on every build.
  • Security-relevant releases are deployed within 7 days of a fix being available; critical CVEs within 24 hours.
  • We accept good-faith vulnerability reports via support@integrora.com. Responsible disclosure with a 90-day fix window is standard; we do not pursue legal action against researchers acting in good faith.

Personnel

  • All engineering staff sign a confidentiality agreement and complete annual security awareness training.
  • Access to production data is granted on a need-to-know basis and revoked the same business day upon role change or departure.

Sub-processor security

We perform due diligence on every sub-processor before engagement and review each one at least annually. The current list is published at /legal/sub-processors.

Incident response

Security incidents that affect personal data trigger a notification to the affected customer's designated contact within 72 hours, as committed in the Data Processing Addendum. That window is chosen so customers, as controllers, can meet their own 72-hour obligation to notify the supervisory authority under Article 33 GDPR.

Contact

Security questions: support@integrora.com · Vulnerability disclosure: support@integrora.com