Security Practices

At TryApprove, we treat your agency's deliverables and your clients' privacy with the utmost importance. We utilize modern cloud infrastructure and strict security protocols to ensure your data stays safe and your client portals remain secure.

Data Encryption

• In Transit: All communications between your browser, our servers, and our databases are encrypted using modern TLS (Transport Layer Security).
• At Rest: All files uploaded to TryApprove (PDFs, images, videos) are encrypted at rest using AES-256 encryption. Database backups are similarly encrypted.

Authentication & Access

• Magic Links: Client portals are accessed via cryptographically secure, randomly generated URLs. These links expire automatically if access is revoked by the agency, ensuring clients only see what they are allowed to see.
• No Passwords: We don't store passwords. All agency authentication flows through secure OAuth providers (like Google/GitHub) or secure email-based magic links, eliminating the risk of password breaches.
• Row-Level Security (RLS): Our databases employ strict RLS policies to guarantee that an agency user can only query and retrieve data that belongs specifically to their workspace.

Infrastructure & Hosting

• TryApprove is hosted on enterprise-grade infrastructure providers (AWS / Vercel) which maintain SOC 2, ISO 27001, and PCI DSS compliance.
• We employ automated vulnerability scanning and continuous integration pipelines to catch security issues before code is deployed.
• Database boundaries are protected by VPC rules and firewalls, rejecting public internet traffic.

Vulnerability Reporting

We welcome input from security researchers. If you believe you have discovered a vulnerability or security flaw in TryApprove, please do not disclose it publicly. Email us directly at security@tryapprove.com and our engineering team will address it promptly.