FlowDule
Trust Center

Security and access control in FlowDule

This section describes the security mechanisms that protect data across chains, locations, and roles - from encryption and tenant separation to audit logs and two-factor authentication.

Security is part of the architecture, not an add-on

FlowDule is built as a multi-tenant platform, where chains, locations, and users are separated from day one. Security is not an extra layer - it's part of how data is stored, accessed, and logged.

This page describes the key mechanisms, allowing you to evaluate the platform without needing to request a separate security document.
Security

The key security layers in the platform

Encryption, isolation, access, and traceability

Encryption at rest and in transitEncryption

Encryption at rest and in transit

Data is protected both when stored and when transmitted, ensuring sensitive information does not circulate unprotected.

Data separation between chains and locationsIsolation

Data separation between chains and locations

Tenant and location data are kept separate, preventing access to data across different organizations or departments.

Two-factor login in the mobile appAccess

Two-factor login in the mobile app

Employees and clients can use the app with extra login protection, ensuring mobile access doesn't become a weak point.

Role and permission managementControl

Role and permission management

Determine who can view, edit, or manage which data, ensuring only authorized users access sensitive information.

Consent and PII protection on exportGDPR

Consent and PII protection on export

FlowDule logs consent upon creation, and personally identifiable information can be blurred upon export when relevant.

Audit logs, backup, and restoreTraceability

Audit logs, backup, and restore

All actions are logged, and backup and quick restore are part of the platform's security foundation.
Isolation

Tenant separation as the foundation for the entire platform

Each chain and location operates in its own data space. Row Level Security in PostgreSQL ensures that a query can never return data from another company - whether it's bookings, records, payments, or communication.

View GDPR and policies
Tenant separation and data isolation in FlowDule
Role-based access control in FlowDule
Access control

Role-based access across chain, location, and handler

FlowDule's role model cascades from chain to location to handler. Each level has its own permissions, and access is controlled at each API call - not just in the user interface.

Back to Trust Center
Next steps

Review security and access control in practice

Book a demo if you want to see roles, tenant separation, audit logs, and access control in a live walkthrough of the platform.

Book a demo