Infrastructure Security
Cloud Hosting
Docaffair is hosted on Microsoft Azure and AWS, leveraging world-class physical security and environmental controls. Our infrastructure is distributed across multiple availability zones for high availability.
- Tier IV Data Centers
- Automatic Failover
Network Security
We utilize Virtual Private Clouds (VPCs) to isolate resources. All external access is restricted via firewalls and managed load balancers.
- DDoS Protection
- Private Subnets
Data Protection
Encryption in Transit
All data transmitted between your client and our servers is encrypted using strong TLS 1.2+ protocols (HTTPS).
Encryption at Rest
Documents and database entries are encrypted at rest using AES-256 standards with automated key rotation.
Data Retention: You have full control over your data. Configure automatic deletion policies (e.g., 30 days) via the Settings dashboard, or manually delete documents at any time.
Compliance & Certifications
Application Security
Authentication
We support Multi-Factor Authentication (MFA) for all user accounts. Enterprise customers can configure Single Sign-On (SSO) via SAML or OIDC (Okta, Azure AD, Google Workspace).
Role-Based Access Control (RBAC)
Granular permission settings allow you to define exactly what your team members can view or edit. Limit access to specific templates, billing info, or API keys.
Vulnerability Disclosure
If you believe you have found a security vulnerability in Docaffair, we encourage you to let us know right away. We investigate all reports and do not take legal action against those who discover and report security vulnerabilities responsibly.