Security

How we protect your data.

VestaFide handles workforce data — names, phone numbers, schedules, behavioral signals, and payment information. We take the security of that data seriously. This page describes the technical and organizational measures we use to protect it.

The foundation.

Security starts at the architecture layer — fewer moving parts mean fewer attack surfaces.

Encryption

🔒 In transit & at rest

All data in transit is encrypted using TLS 1.2 or higher. All connections are served over HTTPS. Database connections use encrypted channels. Sensitive credentials are encrypted at rest and never stored in source code.

Architecture

🏗️ Minimal attack surface

The Platform runs as a single Go binary backed by PostgreSQL. This minimalist architecture reduces attack surface — fewer moving parts mean fewer points of vulnerability. No unnecessary microservices or intermediary systems.

Authentication

🔐 Secure sessions

Passwords are hashed using industry-standard algorithms and never stored in plaintext. Session tokens are cryptographically generated with configurable expiration. CSRF protection is enforced on all state-changing requests.

Rate Limiting

🛡️ Abuse prevention

All API endpoints are protected by rate limiting to prevent brute-force attacks. SMS delivery is rate-limited per phone number to prevent notification flooding. Automatic recovery middleware prevents cascading failures.

What we guard.

Five principles govern how we handle data once it's inside the platform.

1. Access Controls

Access to production systems and databases is restricted to authorized personnel on a need-to-know basis. Each team member has access only to the systems and data necessary for their role.

2. Audit Logging

Every significant action on the Platform produces an audit log entry: shift offers sent, responses, schedule changes, account modifications, and system events. Audit logs are append-only and cannot be modified or deleted. They include actor, action, affected entity, and timestamp. They are retained for a minimum of seven years.

3. Behavioral Data Isolation

Behavioral signals (EWMA estimates, trust scores, fairness scores) are stored separately from personally identifiable information. The flywheel engine operates on dimension keys that reference entity IDs — it does not process or store names or phone numbers directly. If an account is deleted, behavioral signals are anonymized.

4. Third-Party Data Handling

We share data with third-party service providers only as necessary to operate the Platform. All providers are evaluated for their security practices. Payment processing is handled entirely by Stripe — VestaFide does not store credit card numbers or bank account numbers on our systems.

5. SMS Security

Shift offers are delivered via Twilio with the minimum information necessary for the recipient to act. Full employee details, behavioral scores, and sensitive business data are never included in SMS content.

How we build it.

Input Validation. All user inputs are validated on the server side. The Platform uses parameterized queries for all database operations, preventing SQL injection. User-supplied content is sanitized before rendering to prevent cross-site scripting (XSS).

Dependency Management. The Platform uses Go's module system with vendored dependencies. Dependencies are reviewed before inclusion and pinned to specific versions. The dependency footprint is intentionally minimal — fewer dependencies mean a smaller surface area for supply-chain vulnerabilities.

Request Tracing. Every request receives a unique request ID, included in all log entries for that request. This enables end-to-end tracing for debugging and incident investigation without exposing user data in logs.

When things go wrong.

Incident Response. In the event of a security incident involving unauthorized access to personal data, we will notify affected users and relevant authorities within 72 hours of confirmed discovery, as required by applicable law. Notification will include the nature of the incident, the types of data affected, and the steps we are taking to address it.

Background Checks. Gig workers undergo a background check facilitated through a third-party provider. VestaFide receives only the pass/fail result. The background check provider handles all related data in accordance with their privacy policy and applicable law, including the FCRA.

Data Residency. All Platform data is stored and processed in the United States. We do not transfer user data to servers outside the United States.

Continuous Improvement. Security is not a one-time effort. We continuously review access controls as the team grows, update dependencies to address known vulnerabilities, monitor for suspicious activity, and refine incident response procedures.

Responsible Disclosure. If you discover a security vulnerability, please report it to [email protected]. We appreciate responsible disclosure and will work to address reported vulnerabilities promptly before public disclosure.

Contact. VestaFide, Inc. — Email: [email protected]