
Security at AirUnit.io

Enterprise-grade security built for law enforcement aviation. Your operational data is protected by multiple layers of defense, encrypted at every stage, and stored exclusively in the United States.


Database Security

PostgreSQL with Row-Level Security (RLS) enforces complete tenant isolation at the database level. Each agency's data is cryptographically separated — even application-level bugs cannot leak data across organizations.

  • ✓ Row-Level Security policies on all tables
  • ✓ Parameterized queries prevent SQL injection
  • ✓ Separate database roles with least-privilege access

Encryption

All data is encrypted at rest and in transit using industry-standard protocols. Backups are compressed and encrypted before upload to secure storage.

  • ✓ TLS 1.2+ for all data in transit
  • ✓ AES-256 encryption at rest
  • ✓ Encrypted nightly backups to AWS S3

Authentication & Identity

Enterprise-grade authentication powered by Clerk with multi-factor authentication, secure session management, and SSO readiness.

  • ✓ Multi-factor authentication (MFA) available
  • ✓ Secure session tokens with automatic expiry
  • ✓ SSO/SAML integration ready for enterprise

Access Control

Role-Based Access Control (RBAC) limits data access based on user roles within your organization. Administrative actions are gated by permission level.

  • ✓ Admin and User permission levels
  • ✓ Admin-only routes with server-side enforcement
  • ✓ Audit trail for administrative actions

Infrastructure

Built on enterprise-grade infrastructure providers that maintain SOC 2 Type II certification and rigorous security programs.

  • ✓ Vercel — SOC 2 Type II certified
  • ✓ Neon PostgreSQL — SOC 2 certified
  • ✓ AWS S3 — SOC 2 Type II, ISO 27001
  • ✓ Clerk — SOC 2 Type II certified

US-Only Data Residency

All data is stored and processed exclusively within the United States. No data is transferred outside US borders.

  • ✓ Database: Neon US-East (Ohio)
  • ✓ Backups: AWS S3 US-East (Ohio)
  • ✓ Application: Vercel US region
  • ✓ Authentication: Clerk US infrastructure

Backup & Recovery

Automated nightly database backups with multiple recovery options ensure your data is always protected against loss.

  • ✓ Nightly automated backups to encrypted S3
  • ✓ Point-in-Time Recovery (PITR) via Neon
  • ✓ Manual backup trigger via admin dashboard
  • ✓ Backup audit trail with success/failure logging

Incident Response

Documented incident response procedures with 72-hour breach notification commitment to affected agencies.

  • ✓ 72-hour breach notification to customers
  • ✓ Documented Incident Response Plan (available upon request)
  • ✓ Severity-based classification and response
  • ✓ Post-incident review and remediation

Infrastructure & Sub-processors

We partner with industry-leading infrastructure providers, each maintaining rigorous security certifications. All sub-processors are contractually obligated to protect your data.

| Provider | Purpose | Location | Certification |
|---|---|---|---|
| Neon | PostgreSQL database hosting | United States (US-East) | SOC 2 |
| Vercel | Application hosting and CDN | United States | SOC 2 Type II |
| Clerk | Authentication and identity | United States | SOC 2 Type II |
| AWS S3 | Encrypted backup storage | United States (US-East) | SOC 2, ISO 27001 |
| Resend | Transactional email delivery | United States | — |
| Anthropic | AI features (when enabled) | United States | SOC 2 Type II |

Compliance & Documentation

Security Questions?

We're happy to answer security questionnaires, provide documentation, or discuss our security posture with your IT or compliance team.

Contact Security Team

security@airunit.io