Security you can trust

We take security seriously. Here's how we protect your data and what you can expect from Tektii.

How we protect your data

Modern security practices built into our platform

Encryption in Transit

All connections are secured with TLS 1.3. Your data is encrypted between your browser and our servers.

Secure Authentication

Industry-standard authentication with multi-factor authentication, secure session management, and brute-force protection.

Cloud Infrastructure

Hosted on Google Cloud Platform infrastructure, which maintains SOC 1/2/3, ISO 27001, and other compliance certifications.

Data Protection

Your data is protected with encryption at rest using AES-256, automated backups, and strict access controls.

Dependency Scanning

Automated security scanning of dependencies to identify and address vulnerabilities.

Isolated Execution

Strategy backtests run in isolated containers, ensuring your code executes securely.

Transparent data handling

We believe you should know exactly what data we store

What we store

  • Account information (email, name)
  • Strategy configurations and parameters
  • Backtest results and performance metrics
  • API keys you create (encrypted)

What we don't store

  • Your brokerage credentials (you connect directly)
  • Payment card numbers (handled by Stripe)
  • Your brokerage passwords (we never see them)

Built on trusted infrastructure

Enterprise-grade cloud infrastructure with industry-leading security

Cloud Infrastructure

Our platform runs on Google Cloud Platform, which maintains extensive compliance certifications including SOC 1/2/3, ISO 27001, and FedRAMP.

  • Isolated, auto-scaling compute environments
  • Encryption at rest using AES-256
  • Secure, redundant data storage

Authentication & Access

Authentication is handled by Clerk, a SOC 2 Type II certified identity platform built with security as its core focus.

  • Multi-factor authentication support
  • Secure session management
  • Rate limiting and anomaly detection

Data residency

Know where your data lives

Primary Region

All data is stored in the United States (us-central1) on Google Cloud Platform infrastructure.

  • Application data: Firestore (us-central1)
  • Market data: Cloud Storage (us-central1)
  • Backtest results: Cloud Storage (us-central1)

Data Transfer

Data transfers between services use Google's private network backbone, never traversing the public internet.

  • All transfers encrypted with TLS 1.3
  • No data leaves the US region
  • GDPR data requests handled within 30 days

Our security practices

Ongoing commitment to security

Dependency Audits

Automated daily scans of all dependencies using cargo-deny and npm audit. Critical vulnerabilities blocked from deployment.

Code Review

All code changes require review before merge. Security-sensitive changes require additional review from security-focused team members.

Penetration Testing

We plan to conduct regular penetration testing by qualified third parties once the platform launches publicly.

Keeping your account secure

Security is a shared responsibility. Here's what you can do.

Enable multi-factor authentication

Add an extra layer of protection to your account by enabling MFA in your account settings.

Use strong, unique passwords

Use a password manager to generate and store strong passwords. Never reuse passwords across services.

Protect your API keys

Never share API keys or commit them to version control. Rotate keys periodically and revoke unused ones.

Found a security issue?

We appreciate responsible disclosure. If you've found a security vulnerability, please let us know and we'll work to address it promptly.

Report to security@tektii.com

Questions about security?

If you have questions about how we handle security or want to learn more about our practices, we're happy to help.

Contact UsPrivacy Policy