Encryption

Everything we store is encrypted at rest and in transit. No exceptions.

  • TLS 1.3 for all connections
  • AES-256 encryption at rest
  • Encrypted database backups
  • Keys managed via AWS KMS

Access Control

Least-privilege access, MFA required, audit logs on everything.

  • Mandatory 2FA for all team accounts
  • Role-based permissions (RBAC)
  • SSO via Okta for enterprise customers
  • Full audit logs, 90-day retention

Compliance

We meet — and exceed — modern compliance standards.

  • SOC 2 Type II certified
  • GDPR compliant
  • CCPA compliant
  • HIPAA-ready (for healthcare clients)

Uptime & Reliability

99.99% uptime SLA, daily backups, multi-region failover.

  • 99.99% SLA on production services
  • Daily automated backups
  • Multi-region disaster recovery
  • Public status page at status.bidsbite.com

Privacy by Default

Your data is yours. We never sell it, share it, or train on it.

  • Data isolation per customer
  • Export your data anytime, in any format
  • Right-to-delete honored within 30 days
  • Privacy policy in plain English

Incident Response

If something goes wrong, you'll hear from us — fast.

  • 24/7 monitoring & on-call rotation
  • Customer notification within 24 hours
  • Public post-mortems for major incidents
  • Annual penetration testing

SOC 2 Type II · GDPR Compliant · CCPA Compliant · ISO 27001 (in progress)

Found a security issue?

We pay for bug reports. Responsible disclosure is welcomed and rewarded — we run a private bug bounty program for verified researchers.

Report a vulnerability