Security and Privacy

at Superflow

LBE
XYT
Cox Automotive
GMH
Children Defense Fund
Berger
Finsweet
Redshark
Zanger
Phenyx
Uservoice
Design Good
Sylvan Learning
LBE
XYT
Cox Automotive
GMH
Children Defense Fund
Berger
Finsweet
Redshark
Zanger
Phenyx
Uservoice
Design Good
Sylvan Learning
Governance

We establish policies and controls, monitor compliance and prove it to third-party auditors.

Our policies are based on the following
foundational principles:

We limit access to those with a legitimate business need, granting only the minimum privilege required.

Multi-layered security. We implement strong controls, built on the principle of defense-in-depth.

Consistent security. We apply robust controls uniformly across the entire enterprise.

Our security controls are always evolving. We continuously improve their effectiveness, auditability, and ease of use.

DataProtection

Data at Rest

Customer data is fully encrypted. Even before it reaches our databases, it's encrypted at rest, ensuring maximum security against both physical and logical access attempts.

Secret Management

Application secrets are encrypted and stored securely via Google Secrets Manager and access to these values is strictly limited.

Data in transit

Superflow uses TLS 1.2 or higher everywhere data is transmitted over potentially insecure networks.

EnterpriseSecurity

Endpoint protection

All corporate devices are centrally managed with anti-malware and equipped with Mobile Device Management (MDM) for secure configuration, including disk encryption, screen locks, and software updates. Our security alerts are monitored 24/7/365.

Security education

Superflow provides comprehensive security training to all employees upon onboarding and annually through educational modules with Vanta’s platform.

Identity and access management

Secure and streamlined access with Google SSO. We use multi-factor authentication (MFA) and role-based access control, ensuring employees only have access to necessary applications. Access is automatically revoked upon termination.

Vendor Security

Superflow uses a risk-based approach to vendor security. Factors which influence the inherent risk rating of a vendor include:

  • Access to customer and corporate data
  • Integration with production environments
  • Potential damage to the Superflow brand

Once the inherent risk rating has been determined, the security of the vendor is evaluated in order to determine a residual risk rating and an approval decision for the vendor.

DataPrivacy

At Superflow, data privacy is a first-class priority—we strive to be trustworthy stewards of all sensitive data.

Privacy Policy

View Superflow’s Privacy Policy.

Regulatory Compliance

Superflow evaluates updates to regulatory and emerging frameworks continuously to evolve our program.

Ship faster and make
more cool sh!t

Try Now for Free