§ Security
Your pipeline, locked tight.
This page is maintained by the Spark team to answer common security and privacy questions. It's not a certification — it's a plain-English description of how we run.
Encrypted at rest and in transit
All customer data is encrypted at rest and traffic is TLS-only. Sensitive credentials are stored in isolated secret storage, never on disk in plain text.
Least-privilege by default
Row-level security scopes every read and write to your workspace. Support access requires explicit workspace-owner consent, and everything is audit-logged.
Human-approved outreach
Spark never auto-sends. Every comment and DM lands as a draft first. That's a safety property, not a feature — it's how we keep your account healthy.
Your data, your export
Export or delete your workspace data whenever you want. Deleted workspaces are purged from primary storage inside 30 days.
Report a vulnerability
Found something we should fix? Email security@startspark.ai with steps to reproduce. We acknowledge within one business day and coordinate disclosure with credit.
