Security & trust
Your pipeline data, protected by design.
Pipemetry connects to your CRM, so we treat your data with care from the first byte: strict tenant isolation, encryption, an immutable access audit, and a SOC 2 program in progress.
- Shipped
Tenant isolation by design
Every customer’s data is isolated at the database layer with row-level security (RLS), force-applied on every customer-plane table. Queries are scoped per tenant, so one customer can never read another’s pipeline.
- Shipped
Encryption in transit & at rest
All traffic is served over TLS, and data is encrypted at rest. Secrets are managed out of band and never committed to source.
- Shipped
WORM access audit
Read- and write-path access is recorded to a write-once, read-many (WORM) audit log with retention controls and export — so you can prove who accessed what, and when.
- Shipped
Authentication
Sign-in is handled by a managed identity provider (Keycloak) with enforced authentication. SSO / SAML is available on Enterprise.
- In progress
SOC 2
We are pursuing SOC 2. Controls are being implemented and evidence collected; we will share our report with Enterprise prospects under NDA as it progresses.
- Shipped
Backups & resilience
Customer data is backed up on a regular schedule so it can be restored. We design for least-privilege access to production systems.
Subprocessors & data handling
We keep a current list of the third parties that process data on our behalf. See our subprocessors and privacy policy for details on what we collect and how it is handled.
Security FAQ
How does Pipemetry keep my data separate from other customers?
Pipemetry enforces tenant isolation at the database layer using row-level security (RLS), force-applied on every customer-plane table, plus per-tenant query scoping. One tenant cannot read another tenant’s data.
Is Pipemetry SOC 2 compliant?
SOC 2 is in progress. We are implementing controls and collecting evidence, and will share status and (when available) our report with Enterprise prospects under NDA.
Is my data encrypted?
Yes — data is encrypted in transit (TLS) and at rest.
Can I get an audit log of access to my data?
Yes. Pipemetry keeps a WORM (write-once, read-many) access audit with retention controls and export, covering read and write access paths.
Do you support SSO?
SSO / SAML is available on the Enterprise plan.
Need a security review?
Enterprise plans include a security & compliance review and a named contact. Get in touch and we will share what you need.