Security

Draft — pending legal review.

Security is built into Qos|c. This statement summarizes the measures that protect your data; specifics are available to customers under agreement.

Tenant isolation

Customer data is logically isolated per tenant, with access controls enforced at the application and database layers.

Role- and attribute-based authorization governs every feature. Administrative access is least-privilege and audited.

Data is encrypted in transit (TLS) and at rest. Secrets and credentials are stored using industry-standard protection.

Sensitive actions are recorded in an append-only audit trail, supporting traceability and evidence requirements.

We apply monitoring, backups, and a defined incident-response process. Access to production is restricted and logged.

To report a security concern, contact privacy@qos.center.