Identity

Security & compliance

Built for the most regulated industries

Banks, hospitals, and Fortune 100 platforms run on Qeetid. Audit-ready by default. The whole company is accountable for keeping it that way.

Certifications & frameworks

Independent audits cover every piece of customer data. Report copies available under NDA from your account team.

SOC 2 Type II

Annual independent audit covering security, availability, confidentiality.

ISO 27001

Information security management system certified by an accredited body.

GDPR

EU data residency, DPA on every contract, DPO contact published.

HIPAA

BAA available on Enterprise plans for covered entities and business associates.

CCPA

California privacy compliance with full subject rights workflow.

PCI DSS SAQ-A

We do not store cardholder data; payments routed through PCI-Level-1 partners.

How we protect your data

Encryption everywhere

TLS 1.3 in transit. AES-256 at rest. Customer-managed keys (CMK) available on Enterprise.

Secrets management

All secrets stored in HSM-backed vaults. Per-tenant key isolation. Quarterly rotation.

Zero-trust internal

mTLS between services. SSO + hardware-key MFA for all employees. No standing production access.

Tenant isolation

Postgres row-level security and schema isolation. Per-tenant encryption keys at the data layer.

Immutable audit logs

Append-only, tamper-evident hashing. Exportable to S3, Splunk, Datadog, Kafka.

Infrastructure

Multi-region active-active. Automatic failover with 99.99% uptime on Enterprise plans.

Data residency

Choose US, EU, or APAC. Data never leaves the region you select.

Threat protection

Rate limiting, bot detection, breach-password checks, anomaly alerts.

Our security program

Security isn't a team. It's how we ship.

  • Continuous third-party penetration testing
  • Public security disclosure program with bounty payouts
  • All commits gated by signed-commit verification
  • Production deploys require two-person approval
  • Dependency vulnerability scanning on every PR
  • Disaster recovery drills run quarterly
  • Encryption keys rotated on a 90-day schedule
  • Employee security training mandatory every 6 months

Start building today.
Free for developers.

5,000 monthly active users on the house. Production-grade auth, no credit card, no time limit.

Create your account Talk to sales