Security & GDPR
At Arcli.tech, security is an architectural baseline, not an afterthought. We built our Zero-ETL pipeline on the principles of ephemeral compute, strict tenant isolation, and least-privilege access.
Infrastructure & Architecture Security
Strict Tenant Isolation
Your data is never co-mingled in a monolithic database. Ingested JSON is normalized and saved to dedicated, cryptographically isolated S3/Cloudflare R2 prefixes (e.g., /tenant={id}/). Queries can only access files within your specific prefix.
Ephemeral Compute (DuckDB)
Our query engine spins up an isolated, sandboxed DuckDB process for every single query. Memory is strictly governed, and the process is immediately destroyed after execution, meaning no residual data remains in memory.
Authentication & Identity
We utilize Supabase for enterprise-grade authentication. All sessions are secured via JWTs, and row-level security (RLS) is enforced at the database layer to ensure users can only access their authorized environments.
Data in Transit & At Rest
All traffic to and from Arcli.tech is encrypted via TLS 1.3. Data at rest in our data lake (Parquet files) is encrypted using AES-256 standard encryption via our storage providers.
GDPR & Data Privacy
Arcli.tech complies with the General Data Protection Regulation (GDPR). We act as a Data Processor for the SaaS data you connect, while you remain the Data Controller.
- Right to Erasure (Right to be Forgotten): Because of our decentralized data lake architecture, executing a data deletion request is instantaneous and absolute. When a workspace is deleted, the corresponding isolated storage prefix is permanently purged.
- Data Portability: You maintain full ownership of your data. You can request an export of your normalized Parquet files at any time.
- Sub-processors: We use industry-leading, compliant sub-processors including DigitalOcean (hosting), Vercel (edge delivery), Cloudflare (networking & storage), and Supabase (authentication).
Security Inquiries
Have specific questions about our security posture, or need to report a vulnerability? Our engineering team is ready to assist.