Your security questions answered. Learn how we protect your data and maintain compliance.
Download our comprehensive security documentation.
View & Download PDFFound a security vulnerability? Report it to our security team.
Contact SecurityHealthcare customers can request a Business Associate Agreement.
Request BAAAll data is stored in Google Cloud Platform (GCP) data centers located in the United States. We use GCP's enterprise-grade infrastructure with SOC 2 Type II certification.
Yes. All data is encrypted both in transit (TLS 1.3) and at rest (AES-256). Encryption is handled automatically by Google Cloud Platform.
Only authorized users from your organization can access your data. We use multi-tenant isolation to ensure complete data separation between organizations.
We perform automated daily backups with 90-day retention. Backups are encrypted and stored in separate GCP regions for disaster recovery.
Our infrastructure is built on Google Cloud Platform, which maintains SOC 2 Type II certification. We inherit many security controls from GCP. We are working toward our own SOC 2 Type II certification and will update this page when available.
We offer Business Associate Agreements (BAA) for healthcare customers handling PHI. Contact us at info@netcloudshield.com to request a BAA.
Yes. We comply with GDPR requirements including data subject rights, data processing agreements, and data breach notification procedures. See our Privacy Policy for details.
We follow industry best practices and are continuously working toward additional certifications. Contact us to discuss specific compliance requirements.
We use Firebase Authentication with support for email/password and Google OAuth. We follow industry best practices for secure authentication.
We use a multi-tenant architecture with strict tenant isolation. Each organization's data is stored in separate Firestore collections, and access is controlled by tenant_id in authentication tokens.
Yes. As a tenant owner, you can manage user access through the admin dashboard. You can add/remove users and assign roles.
API access is controlled through API keys that are scoped to your tenant. You can create, revoke, and manage API keys from the Settings page.
We use Google Cloud Platform (GCP) for all infrastructure. GCP maintains SOC 2 Type II, ISO 27001, and other certifications.
All servers are located in Google Cloud Platform data centers in the United States. We do not store data outside the US unless specifically requested.
We target 99.9% uptime. Our infrastructure uses auto-scaling and redundancy to ensure high availability.
We have a documented incident response plan. In the event of a security incident, we will notify affected customers within 24 hours. Contact info@netcloudshield.com to report security issues.