
Trust & Safety

Security at PartnerFlo

Last reviewed: April 2025

We take the security of your data seriously. Below is a plain-English overview of the technical and organisational controls we have in place to keep the PartnerFlo platform and your partner data safe.

🔐

Encryption everywhere

All data is encrypted in transit using TLS 1.2 or later. Data at rest, including your database and uploaded files, is encrypted with AES-256. Passwords are hashed with bcrypt, which salts each hash individually, and are never stored in plaintext.

🏗️

Cloud infrastructure

PartnerFlo runs on AWS, one of the world's most audited cloud platforms. File storage uses Amazon S3 with private bucket policies; files are only accessible via time-limited presigned URLs, never via public links.

🔑

Access controls

Role-based access control (RBAC) is enforced at every API endpoint. Vendor admins can only access their own organisation's data, and partners can only access the portal of the vendor that invited them. Every query is scoped to the caller's organisation, so the platform is designed to prevent one tenant reaching another tenant's records through the API.

🚦

Rate limiting

Login attempts are rate-limited to 10 per 15-minute window per IP address, and repeated failures trigger a temporary lockout. This slows brute-force and credential-stuffing attempts against the login form.
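The following is an added illustration of the throttling described above, not PartnerFlo's own code. Only the figure of 10 attempts per 15-minute window per IP address comes from this page; counting failed attempts only, the 15-minute lockout length, the injectable clock and the names `LoginRateLimiter` and `handleLogin` are assumptions made for the example.

```javascript
// Added illustration of per-IP login throttling with a temporary lockout
// (not PartnerFlo's code). The 10-failures-per-15-minutes figure is from the
// page; counting only failed attempts, the 15-minute lockout and the class and
// function names are assumptions made for this example.
const WINDOW_MS = 15 * 60 * 1000;
const MAX_FAILURES = 10;
const LOCKOUT_MS = 15 * 60 * 1000; // assumed lockout length

class LoginRateLimiter {
  // `now` is injectable so the behaviour can be tested without waiting.
  constructor({ windowMs = WINDOW_MS, maxFailures = MAX_FAILURES, lockoutMs = LOCKOUT_MS, now = Date.now } = {}) {
    this.windowMs = windowMs;
    this.maxFailures = maxFailures;
    this.lockoutMs = lockoutMs;
    this.now = now;
    this.failures = new Map();    // ip -> timestamps of failed logins (sliding window)
    this.lockedUntil = new Map(); // ip -> epoch ms when the lockout ends
  }

  // Call before checking the password. Returns { allowed, retryAfterMs }.
  check(ip) {
    const t = this.now();
    const until = this.lockedUntil.get(ip);
    if (until !== undefined && t < until) {
      return { allowed: false, retryAfterMs: until - t };
    }
    if (until !== undefined) {
      // Lockout has expired: start the IP with a clean slate.
      this.lockedUntil.delete(ip);
      this.failures.delete(ip);
    }
    return { allowed: true, retryAfterMs: 0 };
  }

  // Record the outcome after the password check. A success clears the counter;
  // the tenth failure inside the window locks the IP for lockoutMs.
  record(ip, success) {
    if (success) {
      this.failures.delete(ip);
      return;
    }
    const t = this.now();
    const recent = (this.failures.get(ip) || []).filter((ts) => t - ts < this.windowMs);
    recent.push(t);
    this.failures.set(ip, recent);
    if (recent.length >= this.maxFailures) {
      this.lockedUntil.set(ip, t + this.lockoutMs);
    }
  }
}

// Wiring into a login handler. `verifyPassword` stands in for a bcrypt compare
// and is only invoked when the limiter lets the attempt through.
function handleLogin(limiter, ip, verifyPassword) {
  const gate = limiter.check(ip);
  if (!gate.allowed) {
    return { status: 429, retryAfterSeconds: Math.ceil(gate.retryAfterMs / 1000) };
  }
  const ok = verifyPassword();
  limiter.record(ip, ok);
  return { status: ok ? 200 : 401 };
}
```

A per-IP counter like this blunts attacks from a single source; credential stuffing spread across many addresses is usually caught by a second counter keyed on the target account, which this example does not include.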

🔍

Audit trails

All significant actions within the platform — deal approvals, commission status changes, MDF decisions, file uploads — are recorded with timestamps and the identity of the acting user, supporting internal compliance and dispute resolution.

📦

Dependency management

We keep our open-source dependencies up to date and review security advisories regularly. Our build pipeline pins dependency versions and alerts on known vulnerabilities.

Authentication

User sessions are managed with JWTs stored in cookies set with the Secure and HttpOnly flags, so they are sent only over HTTPS and are not readable by page scripts. Sessions expire after a period of inactivity. We support email/password authentication, with SSO (SAML/OIDC) for enterprise accounts planned.

API security

Every API endpoint verifies the caller's session and role before processing any request. API keys for the REST API are hashed before storage and scoped to a single vendor account, and can be revoked instantly from the settings panel.

Vendor data isolation

Each vendor's data is logically isolated at the database level: every record carries a vendorId that is checked on every read and write. We do not rely on database row-level security for this; isolation is enforced in application code and covered by our test suite.
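The following is an added illustration of the tenant scoping and role checks described in the access-control and vendor-isolation sections above, not PartnerFlo's own code. The deal records are constructed sample data, and the names `makeContext`, `findDeal`, `updateDeal`, `approveDeal` and `ROLES` are assumptions made for the example.

```javascript
// Added illustration of tenant-scoped data access with endpoint role checks
// (not PartnerFlo's code). Function names and the sample rows are assumptions
// made for this example.
class TenantScopeError extends Error {}
class AuthzError extends Error {}

const ROLES = Object.freeze({ VENDOR_ADMIN: 'vendor_admin', PARTNER: 'partner' });

// Constructed sample rows. Every record carries the vendorId that owns it.
const db = {
  deals: [
    { id: 'd1', vendorId: 'v-acme', title: 'Acme renewal', status: 'pending' },
    { id: 'd2', vendorId: 'v-globex', title: 'Globex expansion', status: 'pending' },
  ],
};

// The request context is built once from the authenticated session and is the
// only source of vendorId for data access; request bodies never supply it.
function makeContext({ userId, vendorId, role }) {
  if (!vendorId) throw new TenantScopeError('session has no vendorId');
  if (!Object.values(ROLES).includes(role)) throw new AuthzError(`unknown role ${role}`);
  return Object.freeze({ userId, vendorId, role });
}

function requireRole(ctx, ...allowed) {
  if (!allowed.includes(ctx.role)) {
    throw new AuthzError(`role ${ctx.role} may not perform this action`);
  }
}

// Reads: the vendorId filter is applied inside the data layer, not by callers.
// A record that exists but belongs to another tenant looks exactly like one
// that does not exist, so the API cannot be used to probe other tenants' ids.
function findDeal(ctx, dealId) {
  const row = db.deals.find((d) => d.id === dealId && d.vendorId === ctx.vendorId);
  return row ? { ...row } : null;
}

function listDeals(ctx) {
  return db.deals.filter((d) => d.vendorId === ctx.vendorId).map((d) => ({ ...d }));
}

// Writes: re-check ownership and drop any id/vendorId in the patch, so a crafted
// request body cannot re-home a record into another tenant.
function updateDeal(ctx, dealId, patch) {
  const row = db.deals.find((d) => d.id === dealId && d.vendorId === ctx.vendorId);
  if (!row) throw new TenantScopeError('deal not found');
  const { id, vendorId, ...safePatch } = patch;
  Object.assign(row, safePatch);
  return { ...row };
}

// An endpoint-level action: role check first, then the tenant-scoped write.
function approveDeal(ctx, dealId) {
  requireRole(ctx, ROLES.VENDOR_ADMIN);
  return updateDeal(ctx, dealId, { status: 'approved' });
}
```

Because every data-layer function takes the context rather than a caller-supplied filter, the test suite can assert the isolation property directly: a context for one vendor must never return or modify a row owned by another.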

Incident response

In the event of a confirmed personal data breach we will notify affected customers within 72 hours of becoming aware of it, so that they can meet their own UK GDPR obligations to notify the ICO and affected individuals. We will set out what data was affected and the steps taken to contain the incident.

Responsible disclosure

If you discover a potential security vulnerability in PartnerFlo, please report it responsibly to security@partnerflo.io. We ask that you:

  • Do not access or modify data that does not belong to you
  • Do not perform denial-of-service attacks
  • Give us a reasonable amount of time to investigate and resolve the issue before any public disclosure

We will acknowledge your report within 2 business days and keep you updated throughout our investigation. We do not currently operate a formal bug bounty programme but we do recognise responsible reporters in our acknowledgements.

Questions

For security-related questions or concerns: security@partnerflo.io

PartnerFlo

The modern partner portal for IT vendors. Manage deals, MDF, commissions, and partner agreements — all in one place.


© 2026 PartnerFlo. All rights reserved.