Security at Corpflow

Built for the data legal and compliance teams can't afford to leak.

Corpflow is the system of record for entity portfolios — UBOs, directors, registers, source documents. We treat that data the way the teams who own it have to: encrypted, isolated, audited, and reviewable.

Security pillars
Encryption everywhere
TLS in transit and at-rest encryption across the database and document store. Passwords are bcrypt-hashed; refresh tokens live in HttpOnly cookies.
Tenant isolation by default
Role-based access controls enforce strict organizational data separation. A user only ever sees data belonging to their organization.
Built on SOC 2 infrastructure
Hosted on AWS, MongoDB Atlas, and Render — providers that maintain SOC 2 compliance and run physical and network security controls on our behalf.
Hosting & infrastructure

Where your data lives — and who runs the racks.

Corpflow runs on a small set of named providers, each holding SOC 2 (and, in most cases, ISO 27001). We don't operate our own data centers; we lean on the cloud providers your IT team probably already trusts.

Amazon Web Services (AWS): document and file storage (US regions)
MongoDB Atlas: primary application database (US regions)
Render: application hosting, API and web (US regions)
Redis: caching and background task queue (US regions)
Controls

The controls behind every record and every document.

Encryption in transit
All traffic between your devices and our servers is encrypted with HTTPS/TLS. Internal service-to-service traffic is encrypted within the provider network.
Encryption at rest
Database records and uploaded documents are encrypted at rest by our infrastructure providers.
Role-based access control
Permissions are scoped to your organization and to roles within it (administrator, attorney, paralegal, viewer). Cross-tenant access is structurally prevented.
Authentication hardening
Bcrypt password hashing, rate limiting on auth endpoints, and account lockout after repeated failed login attempts.
Session management
Sessions expire after a period of inactivity. Refresh tokens are stored in HttpOnly cookies that are inaccessible to client-side scripts.
Time-limited file access
Document downloads use pre-signed URLs that expire after a short window, so a shared or leaked link cannot be used to retrieve the file indefinitely.
Data handling

What we keep, where we keep it, and how it leaves.

Tenant isolation. Every record in Corpflow is scoped to an organization. Application-level access controls enforce that scoping on every read and write — there is no cross-tenant query path in the product.

Soft delete & retention. Account and entity data are soft-deleted on request and may be permanently deleted on customer instruction. Documents are retained until you or your administrator delete them, or until your account is terminated.

Backup & recovery. The database runs on MongoDB Atlas with continuous backups and point-in-time recovery. Document storage benefits from AWS’ durability guarantees.

AI features. When you use AI-assisted parsing or extraction, relevant document content is sent to OpenAI and/or Anthropic for processing under their enterprise data terms. Your data is not used to train their models.

For the full picture of what we collect, retain, and share, see the Privacy Policy.

Subprocessors

The third parties that touch customer data.

We keep this list short on purpose. Each provider below holds its own privacy commitments and is bound by a data processing agreement with Corpflow.

Amazon Web Services: file and object storage
MongoDB Atlas: database services
Render: application hosting
Redis: caching and task processing
OpenAI: document parsing and AI-assisted analysis
Anthropic: document parsing and AI-assisted analysis
PandaDoc: document generation and e-signatures
SendGrid (Twilio): transactional email delivery
Google Places API: address lookup and validation
Vulnerability disclosure

Found something? We want to hear from you.

If you believe you've found a security vulnerability in Corpflow, please report it to security@corpflow.ai. We'll acknowledge your report within two business days and keep you updated as we triage and remediate.

Please give us a reasonable window to fix the issue before disclosing it publicly. We do not pursue legal action against researchers who act in good faith and follow this process.

Procurement-ready

Need a deeper look before bringing us to security review?

We'll happily share our security overview, subprocessor list, and answers to your team's SIG / CAIQ questionnaire. Most reviews close in under a week.
