Security at NokmFlow

Security at NokmFlow

We protect your sensitive business data with modern security standards, encryption, hashing, and strict access controls.

Data Protection & Encryption

All sensitive data in NokmFlow is protected using industry-standard encryption and hashing algorithms.

Passwords hashed using modern algorithms

We use secure password hashing algorithms to ensure passwords are never stored in plain text. Your credentials are protected even if our database is compromised.

Sensitive fields encrypted at rest

Financial data, client information, and other sensitive fields are encrypted at the database level, ensuring protection even if physical access is gained.

All traffic over HTTPS with TLS

Every connection to NokmFlow is encrypted using TLS, preventing interception of data in transit between your browser and our servers.

No plain-text storage of credentials

We never store passwords, API keys, or authentication tokens in plain text. All sensitive credentials are hashed or encrypted.

Access Control & Workspace Isolation

NokmFlow implements strict access controls and workspace isolation to ensure users can only access data they are authorized to view.

Workspace isolation prevents cross-tenant access

Each workspace is completely isolated at the database level. Users from one workspace cannot access data from another workspace, even if they share the same server infrastructure.

User roles and permissions enforce least privilege

Role-based access control ensures users only have access to the features and data they need. Permissions are checked at every API endpoint and database query.

Only authorized users can view sensitive client or financial data

Every request is authenticated and authorized before data is returned. Client information, financial records, and project details are only accessible to users with proper permissions.

Backups & Reliability

We maintain regular backups and have clear recovery procedures to ensure your data is never lost.

Regular automated backups

Database backups are performed automatically on a regular schedule, ensuring we can restore your data in case of any issues.

Clear internal recovery procedures

We maintain documented procedures for data recovery and disaster response, ensuring quick restoration of services if needed.

High availability architecture (EC2 + RDS)

NokmFlow runs on AWS infrastructure with EC2 for application servers and RDS for databases, providing high availability and scalability.

Privacy & Data Ownership

Your data belongs to you. We are committed to protecting your privacy and giving you control over your information.

Your data remains yours

You own all data you enter into NokmFlow. We never claim ownership of your business information, client data, or financial records.

Nothing is sold or shared with third parties

We do not sell, rent, or share your data with third parties for marketing or any other purposes. Your information is used solely to provide you with NokmFlow services.

Data export available upon request

You can export your data at any time. Contact us if you need assistance exporting your clients, projects, invoices, or financial records.

Built with privacy principles aligned with GDPR

Our data handling practices are designed to comply with GDPR principles, giving you rights over your data including access, rectification, and deletion.

Contact for Security Questions

Have questions about our security practices or need to report a security concern? We're here to help.

Contact Security Team