Security at Raize Orion
We build a compliance platform, so we hold ourselves to the standards we help our customers meet. Here is how your data is isolated, encrypted, and audited — in plain terms.
Tenant isolation at the database layer
Every customer is a separate organisation, and every record is bound to it. Isolation is enforced by Row-Level Security inside the database — not in application code — so one customer can never see another's data, even in the event of an application bug. A cross-tenant request returns nothing; there is no error to probe and nothing to learn.
Encrypted in transit and at rest
All traffic is TLS 1.2+ end to end. Data at rest is encrypted with AES-256. Secrets — connector credentials, webhook keys, OAuth tokens — live in a dedicated encrypted vault, decryptable only by privileged server processes and never exposed to the browser or to other tenants.
Strong authentication & least privilege
Multi-factor authentication is enforced for administrators. Access within an organisation is role-scoped: viewers can read but not change, and only admins touch billing, users, and integrations. Every privileged operation re-checks the caller's role on the server.
Append-only audit trail
Every change across the platform is written to an append-only audit log with a before/after record, the acting user, and a timestamp. Logs are retained for six years by default — long enough to satisfy the strictest framework requirements — and are exportable on demand.
EU data residency
All customer data is stored in the EU. There is no replication to other regions. This matches a data-transfer-restricted posture out of the box for UK and EU customers.
Data minimisation with sub-processors
We send the minimum to each sub-processor: no card data ever reaches us (payments are handled by Stripe), no personal data or customer evidence is ever sent to our AI provider, and evidence connectors pull metadata read-only — we never write to your systems.
Defence in depth
A request has to pass every one of these layers before it can read or change data. Compromising any single layer is not enough — they reinforce one another.
1. Encrypted transport (TLS) on every connection
2. Multi-factor authentication, enforced for admins
3. Signed-session verification before any request is processed
4. Database-enforced tenant isolation on every table
5. Server-side role checks on every privileged action
6. Encrypted secret vault, isolated from tenant data
7. Append-only audit log of every change
We are transparent about what we have and haven't certified yet — SOC 2 Type II is in readiness with the audit engagement underway. We don't claim certifications we don't hold.
Sub-processors
The full sub-processor list, purposes, and Data Processing Agreement are available on the privacy page and DPA.
Doing deeper due diligence?
We share detailed architecture and data-flow documentation, our internal penetration-test summary, policy library, and completed security questionnaires under NDA. Reach out and we'll get you what your security team needs.