Your team's data, treated like ours.
Encryption in the right places, EU data hosting in Frankfurt, magic-link sign-in with 2FA, and a security contact who actually replies. Plain-English answers below — including what we haven't built yet.
Data protection
Modern, boring cryptography in the right places. No clever schemes — just the things that auditors and your CISO expect.
Encryption at rest
AES-256 on every database volume, blob, and backup. Keys are managed and rotated through your region's cloud KMS.
Encryption in transit
TLS 1.3 only, with HSTS. We also pin certificates in our native mobile clients.
Backups, tested
Incremental and full backups, encrypted and stored in a separate cloud account, with regular restore drills.
Audit log
Every access to admin surfaces, every role change, every data export — written to an append-only log with up to 12-month retention. Owners can stream it to a SIEM.
Identity & access
RBAC scoped per team today. SSO and SCIM are on our roadmap for teams that need them.
Roles that match your org
Owner / Admin / Lead / Member with per-team scope. A team lead in Helsinki can't see what Berlin is up to unless you say so.
SAML SSO + SCIM (roadmap)
Planned: wire up Okta, Google Workspace, Microsoft Entra ID, or any SAML-compliant IdP, with SCIM 2.0 to auto-deactivate seats when someone leaves your IdP. Not available yet — we'll announce it when it ships.
Two-factor authentication
App-based TOTP 2FA with recovery codes is built in. WebAuthn (YubiKey, Touch ID) and workspace-wide MFA enforcement are in development.
Sessions you can see
Every active session shows up in your account — device, location, last activity. One-click sign-out remotely.
Privacy
You own your team's data. We hold it under a clear DPA, in the EU, and we delete it when you say so.
One-click DPA
A standard EU-style Data Processing Agreement, signable from your billing settings. No legal back-and-forth.
EU data residency
EU (Frankfurt) today. A US region is on our roadmap, with no committed date yet — your data never leaves its region for storage or backups.
Delete means delete
Account deletion purges your data within 30 days — including from backups on the next rotation. We send you a confirmation when the last byte is gone.
No selling, no ads, no training
Your data is never sold, never used to train models, never shared with third parties. Sub-processors are kept to a small set — infrastructure (AWS, Cloudflare, Stripe) plus a handful of operational providers — and the full list is published.
Where your data lives.
Your workspace runs in the EU (Frankfurt) today. More regions are on the roadmap — we won't move your data without telling you.
Found a vulnerability?
We reply within 24 hours and credit researchers who report responsibly. No legal sabre-rattling — just a fast, respectful process.
Email security@altorbit.app — encrypt with our PGP key →
6B5C 2D8E 9F4A 1C7B
E03D 5A91 B2F8 6C42
— full key: keys.openpgp.org