Skip to content

Trust Center

Security and transparency, by design.

This page is maintained by NWARRAH to answer common security, privacy and reliability questions about how we build and operate software. It describes the controls we apply across our work — not an independent certification.

Security

Defense-in-depth across every layer of the stack.

  • Row-level security and least-privilege access by default
  • Secrets stored server-side, never shipped to the client
  • Dependency and code scanning on every change

Privacy

We collect the minimum and protect what we hold.

  • Data minimization built into every schema
  • Clear data-processing boundaries with subprocessors
  • User data export and deletion supported on request

Infrastructure

Modern edge-first architecture engineered for scale.

  • Globally distributed edge runtime
  • Managed Postgres with automated failover
  • Infrastructure-as-code, reproducible environments

Uptime

Built to stay up, monitored to prove it.

  • Health checks across web, APIs and portal
  • Real-time alerting on degradation
  • Public status reporting for transparency

Backups

Your data is recoverable, always.

  • Automated daily database backups
  • Point-in-time recovery windows
  • Periodic restore drills to validate integrity

Disaster Recovery

A tested plan for the worst day.

  • Documented RTO and RPO targets
  • Multi-region recovery strategy
  • Runbooks rehearsed, not theoretical

Data Processing

Transparent about how data flows.

  • Documented subprocessors and integrations
  • Contractual data-processing terms available
  • Region-aware data handling where required

Responsible AI

AI that's accountable, not a black box.

  • Human-in-the-loop on consequential actions
  • No training on client data without consent
  • Evaluations and guardrails before shipping

Vulnerability Disclosure

Found something? We want to hear it.

  • Clear, good-faith reporting channel
  • Acknowledged within two business days
  • Coordinated, responsible remediation

Report a vulnerability

We welcome good-faith security research. If you believe you've found a vulnerability, email hello@nwarrah.com and we'll acknowledge within two business days.

Have a security or compliance question?

Talk to the engineers who build and operate the systems.