Security you can defend to your CISO
Snapnlink is built on a security-first stack. We treat customer data as a liability worth engineering around — not an afterthought.
Defense in depth
Encryption in transit & at rest
TLS 1.2+ everywhere. AES-256 at rest for primary stores and backups.
Strong authentication
Bcrypt-hashed credentials, optional TOTP MFA, and SSO/SAML on Business+.
Hardened infrastructure
Hosted on Vercel and Supabase with isolated environments, least-privilege IAM, and audit logs.
Tenant isolation
Row-level security in our database boundary and per-organization API key scopes.
Backups & recovery
Daily encrypted backups, point-in-time recovery, documented RTO/RPO targets.
Incident response
24/7 on-call, postmortems for all severity-1 incidents, customer notification within 72 hours of qualifying breaches.
Compliance posture
Snapnlink (operated by JVR Consulting Ltd) processes personal data as both a controller and processor depending on context. We comply with the UK GDPR, EU GDPR, and the Data Protection Act 2018.
We are working toward SOC 2 Type II readiness and maintain a documented information security policy aligned with ISO/IEC 27001 controls. Customers on Business and Enterprise plans can request the current control attestation pack under NDA.
For data subject access requests, breach notifications, or to report a vulnerability responsibly, email security@snapnlink.com. We acknowledge within one business day.
Security review in your procurement queue?
Send us your questionnaire. We answer in days, not weeks.