Schetech holds sensitive commercial data: programmes, claims, feasibilities, drawings, and the financier figures behind a build. We treat protecting it as a first-class part of the product, not an afterthought. Here's how.
The controls below are built into the platform and verified by an automated security test suite that runs on every change.
Every organisation's data is walled off from every other. Isolation is enforced in code and covered by a dedicated cross-tenant test suite — one builder can never see another's projects, prices, or figures.
All traffic is served over TLS (HTTPS), with strict transport security and modern response-security headers applied to every request.
Least-privilege access by role — owner, finance, construction manager, PM, client, subcontractor. Subcontractors only ever see their own scope; financier and developer figures are gated to the parties involved.
Salted, hashed passwords, brute-force throttling, durable sessions, plus optional two-factor authentication and single sign-on (Google) for staff accounts.
The database runs on durable storage with automated nightly encrypted backups to independent object storage, a 30-day history, and a tested restore procedure. A backup we can't restore isn't a backup.
A security test gate runs on every code change — tenant-isolation, access-control coverage, and injection checks must pass before anything ships. Changes are code-reviewed with security in mind.
It's your data. You can see it, take it, and have it removed.
Hosted on established cloud infrastructure with a persistent, backed-up data store. Secrets are held in a managed secrets store, never in code.
An automated canary checks the live service every morning — availability, database health, security headers, and backup freshness — and alerts us if anything drifts.
Login, password-reset, and public endpoints are rate-limited to resist credential-stuffing and abuse.
A deliberately lean stack with very few third-party dependencies keeps the supply-chain surface small.
We're honest about where we are. Schetech has been through a thorough internal security review and hardening programme, with automated testing guarding every release. As we scale, our roadmap adds:
Building a security or procurement questionnaire? We're glad to complete it and share our controls in detail — just ask.
Talk to us directly — we'll walk your team through our controls.
Contact us