Security & privacy

Security and privacy built into the foundation.

StacksMesh OS is built for agencies handling client data, files, contracts, and payments. These are the controls we ship today.

Core security areas

  • Workspace isolation
    Every company has its own workspace. Data does not cross tenants.
  • Role-based access control
    Owner, admin, and member roles with per-module scopes.
  • Client portal permissions
    Client users only see the data explicitly shared with them.
  • Document visibility controls
    Mark files internal-only, client-visible, or scope to specific users.
  • Signed file URLs
    Private storage. Access via short-lived signed URLs.
  • Audit logs
    Critical actions — logins, role changes, deletions, plan changes — are logged.
  • Data backups
    Backups are performed on the platform layer.
  • Usage monitoring
    Plan usage and workspace activity are tracked.
  • Secure authentication
    Password + Google OAuth via a managed auth provider.
  • Permission checks
    Every request is checked against workspace membership and role.

How it fits together

Every company has its own workspace. Client users only see data shared with them. Internal-only documents stay internal. Critical actions are logged and reviewable by workspace admins.

Security contact

For security concerns, reach us through the contact page and select "Security" as the reason.

Disclaimer: StacksMesh OS does not claim SOC 2, ISO 27001, HIPAA, or GDPR certification unless explicitly documented. This page describes technical controls in place today, not third-party certifications.