Sign in Start free trial

Security & hosting

Secure by design (without slowing the workflow).

These notes summarise how FireDoorApp approaches tenant isolation, access control and operational security in day‑to‑day workflows.

  • Tenant-isolated workspaces so each organisation’s data is separated.
  • Role-based access controls and audit trails to support inspections, remedials and sign-off.
  • UK/EU hosting and Stripe for payment processing where billing is enabled.
Start free trial Privacy

Security pillars

Isolation

Tenant boundaries Workspaces are isolated so teams only see their own data.

Audit trail

Joined-up evidence Door histories connect inspections, remedials, PDFs and sign-off.

Access

Least privilege Roles and permissions help keep data exposure controlled.

What we protect (and how)

This list is intentionally practical: the controls you feel day-to-day and the operational measures behind them.

Authentication

  • Secure session cookies, CSRF protection, and password policies.
  • Optional 2FA with recovery codes and trusted device support.

Tenant isolation

  • Separate workspaces with tenant-scoped access checks.
  • Client portal access is scoped to specific clients/buildings.

Auditability

  • Door-by-door histories keep evidence attached to the right opening.
  • Exports and PDFs are generated from the same source of truth.

Operations

  • Backups and retention routines to reduce data loss risk.
  • Security headers (CSP, HSTS on HTTPS) to reduce common web risks.