Trust & Security
Security is the product
ARC is built for the world's most regulated industries. Our security posture is the foundation everything else stands on.
Tenant isolation
Row-level security enforced in PostgreSQL — no tenant ever sees another tenant's data.
Encryption
TLS 1.3 in transit, AES-256 at rest. Customer-managed keys on Enterprise.
Authentication
Email/password, magic links, and SAML SSO with optional SCIM provisioning.
Custom RBAC
Granular permissions across pages, tabs, actions, and individual rows.
Audit logging
Every read and write captured in an immutable log retained for 7 years.
Privacy by design
GDPR-aligned data residency, processing agreements, and DPA on request.
Compliance & certifications
Aligned with what matters
SOC 2 Type II
Ready
ISO 27001
Ready
GDPR
Ready
HIPAA
Ready