Security

Your data, locked down.

Security is not an add-on. It is built into every layer of the platform, from the database to the card reader.

01

Data Encryption

All data at rest is encrypted with AES-256-GCM. Data in transit is protected by TLS 1.2+ on every connection. Database backups are encrypted with separate keys rotated on a regular schedule.

02

PCI Compliance

We never store raw card numbers, CVVs, or magnetic-stripe data. Payments run through PCI-DSS Level 1 certified infrastructure, and only a tokenized card reference — never the card itself — ever touches our systems.

03

Access Control

Role-based access control (RBAC) ensures every user sees only what they should. Row-level security (RLS) policies enforce tenant isolation at the database layer. Every sensitive action is written to an immutable audit log.

04

Infrastructure

Each tenant is logically isolated with enforced boundaries at the query layer. Automated daily backups with point-in-time recovery. Infrastructure runs on SOC 2 Type II certified cloud providers with redundancy across availability zones.

05

Compliance

Our practices align with SOC 2 Type II controls. GDPR-ready data export lets any user request a full copy of their data. Data retention policies are configurable per tenant. We support data deletion requests within 30 days.

Ready to get started?

See how Batch protects your business from day one.

Get started free