Security & Data Privacy

Your data stays yours. Always.

Deskify is built on a foundation of strict isolation, end-to-end encryption, and zero data sharing between organisations. Here's exactly how we protect you.

🔒 AES-256 Encryption: at rest
🔐 TLS 1.3: in transit
🏢 Tenant Isolation: per-org database
🛡️ Zero Cross-Tenant: data access

Core Architecture

Every organisation gets its own database

Deskify uses a strict tenant-per-database architecture. When your organisation signs up, a dedicated, isolated database is provisioned exclusively for you. No shared tables. No shared schemas.

This means it is architecturally impossible for one organisation's data to leak into another's — not through a bug, not through a misconfiguration, not through a query error. Your data lives in its own silo, period.

Tenant isolation model

Deskify API Layer
  -> Tenant Router (resolves org ID from auth token)
       -> Org A DB (isolated)
       -> Org B DB (isolated)
       -> Org C DB (isolated)

Each org's data is physically separated
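
The routing step in the model above, sketched as an added example (not Deskify's code): the org ID is taken only from a verified, unexpired token, never from a request parameter. The token format, signing key, and in-memory SQLite databases are assumptions made for illustration.

```python
import base64, hashlib, hmac, json, sqlite3, time

SIGNING_KEY = b"constructed-demo-key"  # assumption: a real key comes from a secrets manager

def _sign(body: str) -> str:
    mac = hmac.new(SIGNING_KEY, body.encode(), hashlib.sha256).digest()
    return base64.urlsafe_b64encode(mac).decode()

def issue_token(org_id, ttl=300, now=None):
    """Mint a signed token binding the caller to one org (hypothetical format)."""
    now = time.time() if now is None else now
    claims = json.dumps({"org": org_id, "exp": now + ttl}).encode()
    body = base64.urlsafe_b64encode(claims).decode()
    return f"{body}.{_sign(body)}"

class TenantRouter:
    def __init__(self, org_ids):
        # One separate database per organisation; in-memory SQLite stands in here.
        self._dbs = {org: sqlite3.connect(":memory:") for org in org_ids}
        for org, db in self._dbs.items():
            db.execute("CREATE TABLE activity (note TEXT)")
            db.execute("INSERT INTO activity VALUES (?)", (f"row owned by {org}",))

    def resolve(self, token, now=None):
        """Return the caller's database, derived only from the verified token."""
        now = time.time() if now is None else now
        body, _, sig = token.partition(".")
        # Verify the signature before parsing anything inside the token.
        if not hmac.compare_digest(sig.encode(), _sign(body).encode()):
            raise PermissionError("bad signature")
        claims = json.loads(base64.urlsafe_b64decode(body))
        if claims["exp"] <= now:
            raise PermissionError("token expired")
        if claims["org"] not in self._dbs:
            raise PermissionError("unknown organisation")
        return self._dbs[claims["org"]]

def read_activity(router, token, requested_org=None, now=None):
    # requested_org models a client-supplied parameter; it is deliberately ignored.
    db = router.resolve(token, now)
    return [row[0] for row in db.execute("SELECT note FROM activity")]
```
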

Encryption

Encrypted everywhere, always

We apply encryption at every layer of the stack — whether your data is moving across the internet or sitting on disk.

Encryption in transit — TLS 1.3

All communication between the desktop agent, your browser, and our servers uses TLS 1.3. Older, weaker protocols (TLS 1.0/1.1, SSL) are disabled. Every byte travelling over the network is protected.

Encryption at rest — AES-256

All data stored in your organisation's database — activity logs, screenshots, timesheets, AI summaries — is encrypted at rest using AES-256, the same standard used by banks and governments.

Screenshot storage

Screenshots are stored in encrypted object storage (S3-compatible) with private, signed access URLs that expire after a short window. No public URLs. No direct access without a valid session.

Credential & key management

Authentication tokens, API keys, and database credentials are never hardcoded. All secrets are managed through a secrets manager and rotated regularly. No plaintext secrets in code or config files.

Access Controls

Only the right people see the right data

Role-based access within your org

Admins control who can view activity data, screenshots, and AI reports. Employees can only see their own data unless granted manager-level access.

Deskify staff cannot read your data

Our engineers do not have routine access to your organisation's database. Access to production systems requires multi-step approval and is fully logged and audited.

Agent authentication

Each desktop agent is bound to a specific device and organisation using a non-reversible device fingerprint and a signed token. Agents cannot impersonate other devices or access other organisations' APIs.

Session tokens expire

All user sessions and API tokens carry short expiry windows and are invalidated immediately on logout or password change.

Data Lifecycle

You control your data lifecycle

You decide how long activity data, screenshots, and logs are retained within your plan. Admins can delete individual records, wipe a specific employee's data, or request full account deletion at any time.

On account closure, your entire isolated database is permanently deleted within 30 days. No backups retained beyond that window.

Activity logs: Configurable (30–365 days)
Screenshots: Configurable (7–180 days)
AI summaries: Configurable (30–365 days)
Account data: Until account deletion
Post-deletion wipe: Within 30 days

Have a security question?

If you have questions about our security practices, found a vulnerability, or want to request a data deletion, reach out directly.

support@deskifyapp.com

© 2026 Deskify Technologies, Inc.