Security

How we keep your
data safe.

We are building products in a category — trust — where security is the entire value proposition. There is no cutting corners. This page describes how we think about it.

Our principles

Cryptography is non-optional

Every credential we handle is signed with Ed25519 and anchored to a Merkle transparency log. Tamper-evidence is built in at the protocol layer, not bolted on.

Least privilege everywhere

Production access is gated, audited, and time-bound. No engineer holds standing credentials to customer data. Every access decision is logged and reviewable.

Encryption by default

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Sensitive fields are additionally encrypted at the application layer with per-tenant keys.

Open standards over secret sauce

We build on W3C Verifiable Credentials, OpenID Connect, and other open specs. Auditable cryptography beats clever cryptography every time.

Privacy is a feature

We collect the minimum data necessary, retain it for the shortest time possible, and give users complete control over what is shared and with whom.

Disclose responsibly, fix quickly

If you find a vulnerability, tell us at security@zarqnix.com. We aim to acknowledge within 24 hours and resolve critical issues within 7 days.

Certifications & compliance

Where we stand today. We will update this page as audits complete.

SOC 2 Type IIn progress · target Q3 2026

ISO 27001Planned · 2027

GDPRCompliant by design

DPDP Act (India)Compliant by design

Responsible disclosure

Found something that looks wrong? Email . We treat security reports as a gift. We will acknowledge within 24 hours and credit you publicly (with your permission) once a fix is shipped.

PGP fingerprint · 4F2E 9D7C 1A8B 6E03 · 5C44 7B2D F1A9 8E60 0233 1FC8

How we keep your data safe.

Our principles

Cryptography is non-optional

Least privilege everywhere

Encryption by default

Open standards over secret sauce

Privacy is a feature

Disclose responsibly, fix quickly

Certifications & compliance

Responsible disclosure

How we keep your data safe.

Our principles

Cryptography is non-optional

Least privilege everywhere

Encryption by default

Open standards over secret sauce

Privacy is a feature

Disclose responsibly, fix quickly

Certifications & compliance

Responsible disclosure

How we keep your
data safe.

How we keep your
data safe.