Security

Last updated: 8/27/2025

We design Deaimer with security as a first-class concern. This page summarizes our current technical and organizational controls. For vendor questionnaires or security reviews, contact support@deaimer.com.

Infrastructure

  • Hosted on reputable cloud platforms with physical security, redundancy, and compliance certifications.
  • Multi-AZ deployment; managed load balancing and auto-scaling.
  • Separate environments for production and non-production; least-privilege network access between tiers.

Data Protection

  • Encryption in transit (TLS 1.2+) and at rest (AES-256 or provider-equivalent).
  • Application-level secrets stored in a managed secrets manager; rotated and access-controlled.
  • Embeddings and vectors isolated per tenant where applicable; logically separated data stores.

Access Controls

  • SSO with Google for users; mandatory MFA for administrative accounts.
  • Role-based access control (RBAC) with least-privilege permissions and periodic review.
  • Comprehensive logging of admin actions and sensitive events.

Application Security

  • Secure SDLC with code review, dependency scanning, and CI/CD checks.
  • Input validation, output encoding, and query parameterization to mitigate common web risks (OWASP Top 10).
  • Rate-limiting, abuse detection, CSRF protection, and content security policies where applicable.

Vulnerability Management

  • Regular dependency updates and container image scanning.
  • Security patches applied according to risk; critical issues expedited.
  • Third-party penetration testing periodically; remediation tracked to closure.

Incident Response

  • Documented incident runbooks and on-call escalation.
  • For incidents affecting personal data, we will notify impacted customers and regulators as required by law.

Business Continuity & Backups

  • Automated backups with encryption and periodic restore testing.
  • Redundant components and failover capabilities for core services.

Data Retention & Deletion

Data is retained for the duration of your account and as required for legal, audit, or compliance purposes. Upon account deletion, we schedule data for removal from active systems and backups according to defined windows.

Sub-processors

We use vetted providers for hosting, analytics, email, and payments. A current list is available upon request at support@deaimer.com. We maintain DPAs/SCCs as required.

Compliance

We align our controls to industry best practices and applicable regulations. See our Privacy Policy for data protection commitments.

Note: This page summarizes current practices and is not a commitment to future features or certifications.