Row-level security (RLS) at the PostgreSQL database level. Each workspace's data is isolated. Cross-workspace access is impossible by design, not just by application logic.
JWT sessions with secure cookie storage. Optional multi-factor authentication (MFA) with TOTP and backup codes. Session invalidation across all devices. Password hashing with bcrypt.
Scoped API keys with rotation support. Per-endpoint rate limiting with cost multipliers. HMAC-signed webhook payloads with exponential retry on delivery failure.
Google Sheets and analytics connections use OAuth 2.0. LiquiChart only reads the specific resources you authorize. Disconnect any integration at any time from your settings.
GDPR-compliant data handling. Poll vote anonymization on request. PII filtered from application logs. Removal request processing with proper data anonymization.
HTTPS on all endpoints. Deployed on Vercel's edge network with automatic SSL. Environment secrets encrypted at rest. Circuit breakers on external service calls prevent cascade failures.
Questions about security or compliance? Reach out and we will provide details specific to your requirements.