Security Overview

This page summarizes current engineering controls and operational posture. It does not claim certifications.

Data Handling and Hashing

  • Signal processing paths use privacy-preserving hashing for request correlation workflows.
  • Compliance telemetry is designed for enforcement observability, not user profiling.
  • Runtime logs are structured and redacted to reduce accidental sensitive-data exposure.

No Plaintext PII Logging

GPCGuard runtime paths are maintained with a fail-safe posture against plaintext PII and secret logging. When context is uncertain, logs are reduced to redacted structured events.
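The sketch below shows one way to get the fail-safe behaviour described above, together with the keyed hashing for request correlation from the previous section. It is an added example, not GPCGuard's code; the field names, key and sample event are assumptions constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed demo key; a real deployment would load this from a secret store.
CORRELATION_KEY = b"constructed-demo-key-not-a-real-secret"

# Hypothetical field names: values known to be safe to log verbatim.
SAFE_FIELDS = {"event", "status", "latency_ms", "signal_present"}
# Identifier fields kept only as a keyed hash so events can still be correlated.
HASHED_FIELDS = {"request_id", "client_ip"}


def correlation_hash(value: str, key: bytes = CORRELATION_KEY) -> str:
    """Keyed HMAC-SHA256, truncated. An unkeyed hash of an IP is easy to brute-force."""
    return hmac.new(key, value.encode("utf-8"), hashlib.sha256).hexdigest()[:16]


def redact_event(raw: dict) -> dict:
    """Build the loggable event; anything not explicitly classified is redacted."""
    out = {}
    for name, value in raw.items():
        if name in SAFE_FIELDS and isinstance(value, (str, int, float, bool)):
            out[name] = value
        elif name in HASHED_FIELDS and value is not None:
            out[name + "_hash"] = correlation_hash(str(value))
        else:
            # Fail-safe branch: unknown field or unexpected type, keep the key only.
            out[name] = "[REDACTED]"
    return out


def log_line(raw: dict) -> str:
    """Serialize the redacted event as one structured JSON log line."""
    return json.dumps(redact_event(raw), sort_keys=True)


if __name__ == "__main__":
    # Constructed sample event, not real data.
    sample = {
        "event": "signal_check", "status": 200, "signal_present": True,
        "client_ip": "203.0.113.7", "request_id": "req-1",
        "email": "alice@example.com", "headers": {"Authorization": "Bearer abc"},
    }
    print(log_line(sample))
```

Because the allowlist decides what is logged, a newly added field is redacted until someone classifies it, so a logging mistake hides data instead of exposing it.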

Tenant Isolation and RLS

  • Business data operations run through user JWT paths with Row Level Security enforcement.
  • Service role access in customer API flows is restricted to auth bootstrap and verification.
  • Cross-tenant access protections are enforced at the database policy boundary.

Incident Contact

Security inquiries: security@gpcguard.app

The contact and escalation workflow can be refined as formal incident response runbooks evolve.