Security and Compliance
Security is not an optional feature. It's the foundation on which all of CaseFy is built.
Security Principles
End-to-End Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Connections to database, cache and external services are always encrypted.
RBAC with 90+ Permissions
Role-based access control with 6 system roles and 90+ granular permissions. Define exactly who can view, edit and manage each resource.
Complete Audit Trail
Every action generates a timeline record with author, date, time and context. Nothing happens without traceability.
Secure Infrastructure
Hosted on enterprise-class cloud providers with SOC 2, ISO 27001 certifications and daily backups with geographic retention.
Soft Delete and Recovery
Deleted records are preserved with IsDeleted, DeletedAt and DeletedBy. Prevention against accidental data loss.
Isolated Multi-tenancy
Each workspace is completely isolated via Global Query Filters. Impossible to access data from another workspace.
Security Features
Compliance
LGPD
Data processing in compliance with Brazil's General Data Protection Law. Rights of access, rectification, deletion and portability natively supported.
Data Retention
Configurable retention policy per workspace. Data is kept for 30 days after cancellation and can be exported at any time.
DPO
We have a Data Protection Officer (DPO) to ensure continuous compliance and respond to data subject requests.
Security is our priority
Try CaseFy and see how we protect your data.
To report security vulnerabilities, email security@casefy.io