PulseDeck

Security & privacy

Designed so client data, machine access, and provider credentials have separate boundaries.

Security claims here describe implemented controls. Production posture still depends on the buyer's hosting, secrets, provider approvals, monitoring, and operating procedures.

Implemented controls

A practical commercial baseline

Tenant authorization

Every authenticated read resolves a user membership for the signed workspace; role checks protect Owner, Administrator, and Editor operations.

Credential protection

Provider tokens and webhook signing secrets use AES-256-GCM at rest. API and ingestion keys are one-time values stored only as hashes.

OAuth integrity

Short-lived signed state, PKCE, an HttpOnly verifier cookie, user/workspace binding, cancellation handling, refresh, and re-auth states.

Outbound webhook safety

Public HTTPS only, DNS re-check before delivery, no redirects, HMAC signatures, timeout, bounded retries, and delivery logs.

Data rights

Workspace export, retention cleanup, provider deletion, account deletion, and explicit workspace deletion are implemented.

Operations

Audit records, request IDs, health endpoint, scheduled cleanup, external activation matrix, and incident-response documentation.

Legal boundary

Structured for UK and European review—not a substitute for counsel

Privacy, cookie, retention, subprocessors, data map, and security documents identify operator-controlled fields and items that require legal review before a commercial launch.

Ready when the data is

Start in a labelled demo. Activate each provider deliberately.

Create a workspace