Security First

Your Data Security is Our Priority

StackKeep is built with enterprise-grade security from the ground up. We protect your sensitive SaaS spend data with industry best practices.

How We Protect Your Data

Security isn't an afterthought—it's built into every layer of StackKeep.

Encryption in Transit

All data transmitted between your browser and StackKeep is encrypted using TLS 1.3. We enforce HTTPS on all connections with HSTS preloading.

Encryption at Rest

Your data is encrypted at rest using AES-256 encryption. Database backups are also encrypted and stored in geographically separate locations.

Authentication

We use industry-standard OAuth 2.0 and support SSO integration. Passwords are hashed using bcrypt with appropriate cost factors. Session tokens are securely generated and expire automatically.

Access Controls

Role-based access control (RBAC) ensures team members only see what they need. All access is logged and auditable. Admin actions require re-authentication.

Minimal Data Collection

We only collect data necessary to provide our service. We never sell your data to third parties. You can request data deletion at any time.

Infrastructure

StackKeep runs on Vercel and Supabase, both SOC 2 Type II certified providers. Our infrastructure is hosted in secure US data centers with 24/7 monitoring.

Security Practices

Beyond technical controls, we follow operational security best practices to ensure your data stays protected.

  • Regular security audits and penetration testing
  • Dependency vulnerability scanning in CI/CD
  • Security-focused code review process
  • Incident response plan with defined escalation
  • Employee security training and background checks
  • Vendor security assessment for all third parties

Compliance Roadmap

We're actively working toward industry certifications to meet the needs of security-conscious organizations.

  • HTTPS & TLS 1.3: Implemented
  • SOC 2 Certified Infrastructure: Via Vercel & Supabase
  • SOC 2 Type II: In progress
  • GDPR Compliance: Planned

What Data We Access

Transparency about what we collect and why.

What We Collect

  • SaaS application names and metadata
  • License counts and assignment status
  • Spend data from connected billing sources
  • User activity metrics (login frequency)
  • Your account email and profile info

What We Never Access

  • Content inside your SaaS apps
  • Your passwords or auth credentials
  • Files, documents, or messages
  • Personal employee data beyond names
  • Any data outside granted OAuth scopes

Security Questions?

We're happy to discuss our security practices in detail, answer questions for your security review, or provide additional documentation.

Contact Security Team

hello@stackkeep.com
