Platfio

Security

Our Commitment

Security is foundational to everything we build at Platfio. We take the protection of your data seriously and continuously invest in the infrastructure, processes, and practices needed to keep it safe.

Infrastructure

Platfio is hosted on Google Cloud Platform (GCP). All data is stored in Google Cloud Firestore with encryption at rest and in transit. Our backend services run on Cloud Run and Firebase, benefiting from Google's enterprise-grade security infrastructure.

Data Protection

  • Encryption in transit — All connections use TLS 1.2+.
  • Encryption at rest — Data is encrypted at rest using Google-managed encryption keys.
  • Access controls — We follow the principle of least privilege for all internal access.
  • Authentication — User authentication is handled by Firebase Authentication with support for multi-factor authentication.

Application Security

  • Firestore Security Rules enforce row-level access control on all database operations.
  • Cloud Storage Security Rules restrict file access to authorised users.
  • All API endpoints are authenticated and authorised.
  • We follow secure development practices including code review, dependency scanning, and automated testing.

Responsible Disclosure

If you discover a security vulnerability, please report it responsibly. Contact us and we'll work with you to address it promptly.