Skip to content

Trust

Security built into the data model

SignalSuite protects people by collecting patterns, not identities, and protects customers with isolation enforced in the database itself. Here is exactly how, and what we are still building toward.

Our practices

Six commitments that shape every feature

Some of these are facts about how the product works today. Others are commitments we hold ourselves to as we grow. We label which is which.

  • Anonymity by design

    Responses are stored as patterns, not people. There are no identity foreign keys linking a submission back to an individual, so a result set can never be reverse-engineered into a name.

  • Tenant isolation

    Postgres Row-Level Security is enforced on every table. A workspace can only ever read its own rows. Isolation lives in the database, not in application code that could be bypassed.

  • Least-privilege access

    Access is granted narrowly and by role. Services and people receive the minimum permissions needed for a task, and privacy thresholds (k-anonymity) gate small result sets from view.

  • Data protection

    We are committed to encrypting data in transit and at rest, and to collecting only what a signal needs. Data minimization is a design rule, not an afterthought.

  • Privacy and compliance

    We build toward GDPR-aligned handling. A formal SOC 2 program is on our roadmap. We are not yet certified, and we will say so until an independent audit is complete.

  • Responsible disclosure

    Found something? Report it privately and we will work the issue with you. We welcome good-faith security research and respond to credible reports promptly.

How it works

Anonymity and isolation, in plain terms

Patterns, not people

Most workforce tools promise anonymity and then quietly keep a key that links every answer back to a person. SignalSuite does not store that key. Submissions are recorded without identity foreign keys, so there is no path in the data model from a result back to an individual. You see how a team is trending; you cannot see who said what, because that link does not exist.

Before any result is shown, privacy thresholds (k-anonymity) check that a group is large enough to stay anonymous. If too few people have responded, the result is withheld rather than risk exposing an individual through a small sample.

Isolation enforced by the database

Every table in SignalSuite is protected by Postgres Row-Level Security. These policies live in the database and apply to every query, so a workspace can only ever read and write its own rows. Isolation does not depend on application code remembering to add a filter. The database rejects cross-tenant access outright. Access is granted on a least-privilege basis, so each service and role holds only the permissions a task requires.

What we are building toward

We are direct about the difference between what is shipped and what is on the roadmap. Today we build toward GDPR-aligned handling and commit to encrypting data in transit and at rest. A formal SOC 2 program is on our roadmap; we are not yet certified, and we will continue to say so until an independent audit is complete. A full subprocessor list and a Data Processing Agreement are available on request.

Responsible disclosure

If you believe you have found a vulnerability, tell us privately before sharing it publicly. We welcome good-faith research and will coordinate a fix and disclosure timeline with you.

Reports go to hello@signalsuite.com.

Questions

Security, answered honestly

Can SignalSuite link an anonymous response back to a person?
No. Responses are stored without identity foreign keys, so there is no join that maps a submission to an individual. Results are computed and displayed as aggregate patterns, and small groups are withheld by privacy thresholds.
How is one customer's data kept separate from another's?
Multi-tenant isolation is enforced by Postgres Row-Level Security policies on every table. The database itself rejects any read or write outside the caller's workspace, so isolation does not depend on application code remembering to filter.
Are you SOC 2 or ISO certified today?
Not yet. A formal SOC 2 program is on our roadmap and we build toward GDPR-aligned handling now. We will not claim a certification we do not hold. When an audit is complete, this page will reflect it.
Is data encrypted?
We are committed to encrypting data in transit and at rest. We also minimize what we collect in the first place, which is the strongest protection of all: data we never store cannot be exposed.
How do I report a security issue?
Email hello@signalsuite.com with the details and steps to reproduce. We treat good-faith reports as a priority and will coordinate a fix and disclosure timeline with you.

SignalSuite is an early-stage, invite-only pilot. This page describes current practices and roadmap commitments, not third-party audits or certifications we do not yet hold.

Need more detail for a security review? Visit the legal hub or contact us for our subprocessor list and DPA.

Trust you can verify, not just take on faith

Anonymity in the data model, isolation in the database, and a roadmap we publish openly. Start with one signal and see how it works.