
Security at RETENU

Enterprise-grade security protecting your financial data

We understand that you're entrusting us with your most sensitive business data. Security isn't an afterthought—it's built into every layer of our infrastructure. Here's exactly how we protect your information.

Security Certifications & Compliance

Data Ownership

Your data, your control

Secure Hosting

Supabase infrastructure

Encrypted Storage

Data encrypted at rest

Regular Updates

Continuous security improvements

API Key & Credential Security

How we protect your most sensitive data

AES-256 Encryption

All API keys are encrypted at rest using military-grade AES-256 encryption. Even our own engineers cannot view your credentials in plain text.

Secure Key Management

Encryption keys are stored in a separate Hardware Security Module (HSM) with strict access controls and regular rotation.

Read-Only Access

We only request read-only API scopes. We cannot and will not modify, delete, or write any data to your connected services.

Immediate Revocation

Disconnect any integration instantly. We immediately delete all associated credentials from our systems.

Infrastructure Security

Multiple layers of protection

TLS 1.3 Encryption

All data in transit is encrypted using the latest TLS 1.3 protocol with perfect forward secrecy.

DDoS Protection

Enterprise-grade DDoS mitigation protects against attacks up to 100 Gbps.

Web Application Firewall

Advanced WAF blocks SQL injection, XSS, and other OWASP Top 10 vulnerabilities.

Intrusion Detection

Real-time monitoring and automated threat detection across all systems.

Regular Penetration Testing

Quarterly security audits by independent third-party firms to identify vulnerabilities.

Isolated Database

Databases run in isolated environments with no public internet access.

Access Control & Monitoring

Who can access your data and how we track it

Role-Based Access

Strict least-privilege access controls. Engineers can only access production data with approval and logging.

  • Multi-factor authentication required
  • Time-limited access grants
  • Automatic session expiration

Audit Logging

Every access to sensitive data is logged with who, what, when, and why. Logs are immutable and retained for 7 years.

  • Real-time alerting
  • Tamper-proof logging
  • Automated anomaly detection

Background Checks

All employees with data access undergo comprehensive background checks and security training.

  • Criminal history verification
  • Annual security training
  • NDA requirements

Data Protection & Backup

Ensuring your data is always safe and recoverable

Automated Backups

Full database backups every 6 hours, retained for 30 days. Point-in-time recovery available within 5 minutes.

Geographic Redundancy

Data replicated across multiple availability zones and regions for 99.99% durability and disaster recovery.

Security Incident Response

In the unlikely event of a security incident, we have a documented response plan:

  • Immediate containment and investigation
  • Notification within 72 hours of discovery
  • Transparent communication and remediation
  • Post-incident review and improvements

Report a Security Issue

We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly:

Security Email

security@obsidian.com

Response Time

Within 24 hours

We offer a bug bounty program for responsible disclosure. Visit our security page for details.