The security posture you can show your auditor.
Audren stores some of the most sensitive evidence your organisation holds. We treat it with the same rigour the standards we serve demand — and we publish exactly how.
Encrypted at rest and in transit
Every byte of your data — assessment answers, evidence files, documents — is encrypted at rest with AES-256 and in transit with TLS 1.3.
EU data residency
Your data is stored exclusively in EU data centres operated by our infrastructure providers. Nothing is replicated outside the EU.
Row-level security
Every database query is scoped to your organisation by Postgres row-level security. There is no shared collection your team could accidentally read into.
Full audit trail
Every change to documents, answers, and roles is logged with user, timestamp and before/after state — exactly what your auditor wants to see.
Granular roles
Owner, admin, editor, contributor and viewer — assign the right level of access per teammate. No more sharing one login.
GDPR rights built in
Export your data, correct it, or delete it from Settings. We process subject access requests within 30 days, no friction.
Subprocessors
We rely on a small set of trusted, GDPR-compliant providers.
| Provider | Purpose | Region |
|---|---|---|
| Supabase | Database, auth, file storage | EU |
| Stripe | Subscription billing | EU / global |
| Lovable Cloud | Application hosting | EU |