Security Operations
Last Updated: June 8, 2026 • Version 1.0.0-Beta
1. Security Architecture
RetentIQ is built from the ground up to ensure data protection, compliance, and isolation. Our platform aggregates customer success indicators to predict churn metrics, meaning we process critical business records.
Our system follows a defense-in-depth model, layering access controls, network segregation, background checks, and encryption across every layer of the stack.
2. Multi-Tenancy & RLS Isolation
Database isolation is the foundation of our multi-tenant SaaS. RetentIQ utilizes Supabase PostgreSQL Row-Level Security (RLS).
Every table in our database containing sensitive parameters (including workspace definitions, customer health scores, playbooks, and events) is bound to strict RLS policies:
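    -- <policy_name> and <table_name> are placeholders; the clause is applied per table
    CREATE POLICY <policy_name> ON <table_name>
      FOR ALL
      TO authenticated
      USING (org_id = (SELECT org_id FROM users WHERE id = auth.uid()));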
This ensures that database queries from any tenant account are strictly scoped to that tenant's organization, preventing cross-tenant data leaks.
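The isolation this policy provides can be checked directly. The script below is an added example, not RetentIQ's own code: it assumes a scratch plain-PostgreSQL database and a superuser session, and the health_scores table, the UUIDs, the users_self policy and the auth.uid() stand-in (Supabase provides the real function) are constructed for illustration.

```sql
-- Added example for a scratch PostgreSQL database; all names and UUIDs are constructed.
BEGIN;
CREATE ROLE authenticated NOLOGIN;  -- Supabase ships this role already
CREATE SCHEMA auth;
-- Stand-in for Supabase's auth.uid(): the caller id comes from a session setting.
CREATE FUNCTION auth.uid() RETURNS uuid LANGUAGE sql STABLE AS
$$ SELECT nullif(current_setting('request.jwt.claim.sub', true), '')::uuid $$;

CREATE TABLE users (id uuid PRIMARY KEY, org_id uuid NOT NULL);
CREATE TABLE health_scores (id int PRIMARY KEY, org_id uuid NOT NULL, score int);
INSERT INTO users VALUES
  ('00000000-0000-0000-0000-0000000000a1', '00000000-0000-0000-0000-00000000000a'),
  ('00000000-0000-0000-0000-0000000000b1', '00000000-0000-0000-0000-00000000000b');
INSERT INTO health_scores VALUES
  (1, '00000000-0000-0000-0000-00000000000a', 82),
  (2, '00000000-0000-0000-0000-00000000000b', 35);

-- users needs its own policy (own row only) so the tenant subquery can resolve.
ALTER TABLE users ENABLE ROW LEVEL SECURITY;
CREATE POLICY users_self ON users FOR SELECT TO authenticated USING (id = auth.uid());
ALTER TABLE health_scores ENABLE ROW LEVEL SECURITY;
CREATE POLICY tenant_isolation ON health_scores
  FOR ALL TO authenticated
  USING (org_id = (SELECT org_id FROM users WHERE id = auth.uid()));

GRANT USAGE ON SCHEMA auth TO authenticated;
GRANT SELECT ON users TO authenticated;
GRANT SELECT, INSERT, UPDATE, DELETE ON health_scores TO authenticated;

-- Act as the tenant A user for the rest of the transaction.
SET LOCAL ROLE authenticated;
SELECT set_config('request.jwt.claim.sub', '00000000-0000-0000-0000-0000000000a1', true);

DO $$
BEGIN
  ASSERT (SELECT count(*) FROM health_scores) = 1, 'tenant A must see only its own row';
  ASSERT NOT EXISTS (SELECT 1 FROM health_scores WHERE id = 2), 'tenant B row must be hidden';
  UPDATE health_scores SET score = 0 WHERE id = 2;  -- filtered by USING, matches 0 rows
  ASSERT NOT FOUND, 'cross-tenant update must not touch any row';
  BEGIN  -- with no WITH CHECK clause, USING also guards writes under FOR ALL
    INSERT INTO health_scores VALUES (3, '00000000-0000-0000-0000-00000000000b', 1);
    RAISE EXCEPTION 'cross-tenant insert was accepted';
  EXCEPTION WHEN insufficient_privilege THEN NULL;  -- expected RLS violation (42501)
  END;
END $$;
ROLLBACK;
```

If any check fails, the DO block raises an error naming it; the final ROLLBACK leaves the database unchanged either way.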
3. Data Encryption Standards
We protect data during both transit and storage phases:
- Data in Transit: All web requests to our Next.js standalone portal, Express backend, or FastAPI microservice are protected using TLS 1.3 encryption. Unencrypted HTTP connections are blocked and redirected to HTTPS.
- Data at Rest: Database backups and block storage volumes are encrypted with AES-256. Database passwords and user logins are hashed with bcrypt.
4. Secrets & API Keys Protection
To aggregate usage indicators, RetentIQ requires API credentials for Mixpanel, Intercom, and Stripe.
All workspace credentials and third-party secrets are encrypted before database storage using database-level secret keys. These keys are held in environment variables, and the database only exposes raw credentials through stored routines that are tightly restricted.
5. Groq LLM Safeguards
To generate qualitative risk playbooks, RetentIQ leverages the Groq API (powered by Llama-3.3).
To protect privacy during this processing:
- We do not transmit personal customer details (such as names, addresses, or phone numbers) to the LLM. We only send structured numerical metrics and anonymized ticket texts.
- Our enterprise service level agreement enforces zero-data-retention on Groq's APIs, meaning they do not store, cache, or use our prompts for training public models.
6. Hosting Infrastructure
Our production instances are hosted in AWS data centers through Supabase, Vercel, and modern container cloud platforms:
- Data centers feature 24/7 security staff, biometric access controls, and video surveillance.
- Compute boundaries are separated into virtual private clouds (VPCs) with strict security groups and firewalls.
7. Incident Response Protocol
In the event of a security breach or data incident:
- Our incident response group will isolate affected resources, verify log integrity, and start forensic analysis within 2 hours of a trigger.
- Affected workspaces and tenant admins will be notified via email within 72 hours of incident confirmation, in compliance with GDPR regulations.
8. Security Audits & Compliance
We are actively pursuing SOC 2 Type II certification. Our repository code is regularly scanned for dependency vulnerabilities, and we conduct biannual external penetration tests.