Security & Compliance

Enterprise-grade security.
Built from day one.

Encryption at rest and in transit. Role-based access. Complete audit logs. SOC 2 Type II audit in progress. Your player data is protected end to end.

Start free trial Request security review
AES-256
Encryption at rest
TLS 1.2+
Encryption in transit
99.9%
Uptime SLA
30 days
Backup retention
In progress
SOC 2 status
Up to 2 years
Audit log retention

Security at every layer

Not bolted on. Designed in from the beginning — from encryption to access control to audit logging.

Encryption
Data encrypted at rest and in transit
  • AES-256 encryption at rest for all stored data
  • TLS 1.2+ enforced on all connections
  • Encrypted backups with daily retention
  • Database credentials stored in secrets manager
Access Control
Role-based access with workspace isolation
  • Granular RBAC: Admin, Lead, Agent, Read-only
  • Per-workspace agent assignments
  • SSO / SAML via Okta, Azure AD, and Google Workspace
  • Session management with configurable timeout
Audit Logging
Complete audit trail on every action
  • All user actions logged with timestamp and IP
  • Ticket state changes, exports, and config edits
  • Log retention configurable up to 2 years
  • Exportable for SIEM ingestion
Infrastructure
Cloud-native with resilience built in
  • Hosted on AWS with multi-AZ redundancy
  • Daily database snapshots with 30-day retention
  • Health monitoring and auto-recovery
  • 99.9% SLA uptime commitment
Compliance
SOC 2 Type II in progress
  • SOC 2 Type II audit underway (expected Q3 2026)
  • All technical controls already in place
  • GDPR-compliant data processing
  • Data processing addendum available on request
Data Residency
Your data stays in your region
  • EU and US regions available
  • Data never leaves your selected region
  • No cross-tenant data sharing at any layer
  • AI model isolation per workspace
Audit Logging

Every action. Every actor. Every timestamp.

Complete audit trail across your entire organisation. Who changed which SLA policy, when. Who exported ticket data. Which automation rules fired. Every agent action on every ticket — logged, searchable, and exportable for compliance.

  • Immutable log — entries cannot be edited or deleted
  • Filterable by user, action type, workspace, and date range
  • CSV export for SIEM ingestion or compliance reporting
  • Configurable retention up to 2 years on Enterprise
Audit Log 1,284 events this month
sarah@studio.comUpdated SLA policy
Workspace: Flagship Game
09:41
mike@studio.comExported ticket data
Date range: Jun 1–15
09:33
AI AutomationEscalated ticket #4821
Reason: SLA at-risk
09:18
james@studio.comAdded team member
ali@studio.com → Agent
08:55
sarah@studio.comEdited KB article
"Account recovery guide"
08:42
Showing 5 of 1,284Export log →

Role-based access control

Four roles. Clear permissions. No over-sharing.

Admin
  • Full org settings
  • Billing & subscription
  • Add / remove workspaces
  • Manage all users
Lead
  • Manage workspace agents
  • Configure SLA policies
  • View all queues
  • Run automation rules
Agent
  • Assigned queue access
  • Reply to tickets
  • Internal notes
  • View KB articles
Read-only
  • View tickets only
  • No reply access
  • Analytics view
  • KB view
K

Enterprise security. No enterprise price tag.

Every plan includes encryption, RBAC, and audit logging. SSO and advanced compliance on Scale.

Start free trial Talk to sales

No credit card required · Cancel anytime · Full access from day one