TASKCLANStart building ↗SECURITY
Trust by architecture.
How Taskclan protects the platform, your data and the intelligence that runs on it.
Last updated: July 18, 2026
Our approach
Security is a design constraint at Taskclan, not an afterthought. We build governance, isolation and observability into the platform so that the safe path is the default path. This overview describes our practices; our controls evolve as we grow.
Infrastructure and hosting
Taskclan runs on reputable cloud infrastructure providers with strong physical and network security. Production environments are separated from development, and infrastructure access is limited to authorized personnel. See our Subprocessors for the providers involved.
Encryption
Data is encrypted in transit using TLS and at rest using industry-standard algorithms. Secrets and credentials are stored in managed secret stores, never in source code.
Access control and authentication
- Least-privilege access to systems and data.
- Strong authentication for internal access, with multi-factor authentication where supported.
- Scoped, revocable API keys and tokens for programmatic access.
- Audit logging of sensitive operations.
Application security
We follow secure development practices, including code review, dependency monitoring and automated checks in our build pipeline. Our Engine evaluation layer adds policy and safety checks around AI-driven actions.
Monitoring and incident response
We monitor for anomalous activity and maintain an incident-response process to detect, contain and remediate issues. If an incident affects your data, we will notify affected customers and authorities as required by law and act to limit impact.
Data isolation
Customer data is logically isolated by account and project. Access to Customer Data is restricted, and we handle it in line with our Data Processing & Protection Policy.
Compliance
We design our controls with frameworks such as GDPR and CCPA in mind and are maturing our formal compliance program. Enterprise customers can contact us to discuss current documentation, security reviews and contractual commitments.
Responsible disclosure
If you believe you’ve found a security vulnerability, please report it to hello@taskclan.com with "SECURITY" in the subject line. Please give us reasonable time to remediate before public disclosure, and do not access or modify data that isn’t yours. We appreciate good-faith research.
Questions?
Found a vulnerability?
We welcome responsible disclosure. Tell us what you found and we’ll work with you to fix it.
Contact us ↗