
Trust & Security

A factual snapshot of current controls.

This page describes the current shipped trust surface for Flopinio's website, product, auth flows, billing operations, and approval-aware runtime.

Flopinio is not currently claiming SOC 2 or ISO certifications. This page represents live technical controls.


Shipped Security Layers

Transport Security

Production traffic is forced over HTTPS/TLS with HSTS, secure cookies, and signed session data for authenticated flows.

Encryption At Rest

Sensitive encrypted attributes use Rails Active Record Encryption with environment-managed keys, alongside deployment-level storage and database protections.

Identity & Access

Local password auth, OAuth 2.0 (Google/GitHub), MFA support, and recent-auth confirmation protect sensitive account and organization changes.

Resource Scoping

Multi-tenancy is enforced at the database level. Authorization is default-deny, managed via Pundit policies.

Approval Runtime

AI actions and MCP writes require explicit, logged human approval through the AgentApproval surface.

Audit Logging

Security events, runtime changes, and billing operations are recorded for administrative review and incident investigation.

Request Safeguards

Content Security Policy, per-request nonces, rate limiting, trusted-proxy handling, and signed webhook verification reduce common abuse paths.

Billing Integrity

All payment processing is handled by Paddle. Flopinio does not store or process raw credit card data.

Secure Integrations

OAuth callbacks, Slack, Paddle, Telegram, and mail sync paths use signed secrets, secure comparison, and TLS/STARTTLS where those protocols apply.

Control Details

Security controls are implemented at the application and deployment boundary.

These are current technical controls, not third-party certification claims. They describe how Flopinio protects customer data, authenticated sessions, integrations, runtime actions, and billing-adjacent operations today.

Encryption and transport

  • Production uses forced HTTPS/TLS, HSTS, secure cookies, and signed session data.
  • Encrypted attributes use Rails Active Record Encryption with primary, deterministic, and key-derivation salt material supplied through credentials or environment variables.
  • SMTP delivery is configured with STARTTLS for mail transport.

Application safeguards

  • Content Security Policy restricts default, script, style, image, object, frame, and connection sources, with per-request nonces for script execution.
  • Pundit policies default sensitive reads and writes to deny unless a permitted role and organization context are present.
  • Security-sensitive flows use recent-auth confirmation, MFA enrollment/reset paths, signed cookies, and rate limiting where abuse risk is higher.

Operational evidence

  • Security events, billing changes, integration activity, and runtime approval actions are recorded for administrator review.
  • Webhook and integration secrets are checked with constant-time secure comparison where signatures or shared secrets are used.
  • Paddle owns raw card processing; Flopinio stores subscription and invoice state rather than card numbers.
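One way the constant-time secret check in the second bullet can be implemented, as an added example that is not Flopinio's own code: it assumes a hex-encoded HMAC-SHA256 signature over the raw request body (the page does not state which scheme each integration uses), and the secret, body and header name are constructed sample values. In a Rails app the hand-written comparison below would normally be `ActiveSupport::SecurityUtils.secure_compare`.

```ruby
require "openssl"

# Constructed sample values; a real deployment reads the secret from
# credentials or the environment and the body from the raw request.
WEBHOOK_SECRET = "constructed-shared-secret".freeze
SAMPLE_BODY = '{"event":"subscription.updated","id":"sub_constructed"}'.freeze

# Expected signature: HMAC-SHA256 over the raw body, hex encoded.
# Sign the bytes as received, never a re-serialised parse of them.
def expected_signature(secret, raw_body)
  OpenSSL::HMAC.hexdigest("SHA256", secret, raw_body)
end

# Constant-time string comparison. The length check leaks only the
# length, which is public for a fixed digest size; after that every
# byte is XORed so the loop never exits early on the first mismatch.
def secure_compare(a, b)
  return false unless a.bytesize == b.bytesize

  diff = 0
  a.bytes.zip(b.bytes) { |x, y| diff |= x ^ y }
  diff.zero?
end

# Returns true only when the presented signature matches the one
# recomputed from the secret and the untouched body.
def webhook_signature_valid?(secret, raw_body, presented_signature)
  return false if presented_signature.nil? || presented_signature.empty?

  secure_compare(expected_signature(secret, raw_body), presented_signature)
end

# Stand-alone demonstration: a genuine signature passes, a tampered body fails.
if __FILE__ == $PROGRAM_NAME
  sig = expected_signature(WEBHOOK_SECRET, SAMPLE_BODY)
  puts webhook_signature_valid?(WEBHOOK_SECRET, SAMPLE_BODY, sig)        # true
  puts webhook_signature_valid?(WEBHOOK_SECRET, SAMPLE_BODY + " ", sig)  # false
end
```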

Program Boundaries

  • No Certification Overclaims

    We do not claim SOC 2, ISO, or HIPAA compliance until third-party audits are completed and documented here.

  • Roadmap Exclusion

    Future security packaging work (e.g., SIEM exports, SSO/SAML) is roadmap material and is not part of today's claim surface.

Resources

For security inquiries or responsible disclosure, please contact our security team.

[email protected]