SecurityOverview

Comprehensive security information and compliance details for FlowSight.

Local-first workspace context

Sensitive development context is designed to be processed on the device. Account and service data needed to operate the product are handled under our privacy programme.

Local processing

Core analysis is architected to run on your machine. Network features use encrypted connections where applicable.

Risk-based security reviews

We apply access controls, monitoring, vulnerability management, and vendor reviews proportionate to risk.

GDPR & trust programme (SOC 2–aligned)

We describe our practices accurately: compliance is an ongoing programme of controls, policies, and contracts — not a one-line badge.

GDPR

We support EU/EEA/UK data protection requirements with transparent notices, lawful bases, data subject rights, subprocessors assessments, and international transfer safeguards (such as Standard Contractual Clauses where applicable).

Privacy PolicyCookie PolicyGDPR overview
SOC 2 readiness

We align internal controls with the AICPA Trust Services Criteria (Security, and where applicable Availability and Confidentiality) as part of a roadmap toward independent assurance. A SOC 2 Type II report, when available, is typically provided to customers under confidentiality — it does not replace your own legal or compliance review.

Industry-specific regimes (for example HIPAA or ISO 27001 certification) require separate contractual and technical measures; contact us if your organisation needs a regulated deployment.

Security Questions?

Have questions about FlowSight's security practices or compliance? Our team is here to help.

Contact Security Team