How ESGKit Protects Your Data
Last updated: March 26, 2026
1. Data Protection
All data encrypted in transit (TLS 1.3) and at rest. Multi-tenant isolation ensures your ESG data is never accessible to other organizations.
2. Authentication
Secure cookie-based JWT authentication. Two-factor authentication available. Role-based access control (Owner, Admin, Member).
3. Compliance
GDPR compliant with full data subject access request (DSAR) support. 90-day data retention after account deletion. Cookie-free analytics option.
4. Audit Trail
Every action is logged with immutable audit entries. Export audit logs for your compliance requirements.
5. Infrastructure
Hosted on enterprise-grade cloud infrastructure. Regular security assessments and code audits.
6. Contact
Report security concerns to security@esgkit.io.