AES-256 Encryption at Rest
TLS 1.3 Encryption in Transit
99.9% Uptime SLA
< 72hr Breach Notification
US Only Data Residency

Infrastructure

Built on Google Cloud

Enterprise-grade infrastructure with certifications trusted by the world's most regulated industries.

All Hail Sentinel infrastructure runs exclusively on Google Cloud Platform, which holds SOC 2 Type II, ISO 27001, ISO 27017, ISO 27018, PCI DSS, and CSA STAR certifications.

Your data never leaves United States infrastructure. Every service, database, and processing pipeline operates within US regions with strict data residency controls enforced at the infrastructure level via Terraform.

Our infrastructure-as-code approach ensures every resource is version-controlled, auditable, and reproducible. Security scanning with TFSec runs on every deployment.

SOC 2 Type II, ISO 27001, ISO 27017, ISO 27018, PCI DSS, CSA STAR

Application Layer: Firebase App Check, RBAC, API Scoping
Network Layer: TLS 1.3, CORS, CSP, HSTS
Data Layer: AES-256, SHA-256 Key Hashing, HMAC Webhooks
Infrastructure Layer: Google Cloud Platform, Terraform IaC, TFSec

Data Flow

How Your Data Flows

Every step encrypted, authenticated, and audited.

Sources
Weather Radar
Forecast Models
User Input

Hail Sentinel Platform

Encrypted processing, authenticated access, audited operations

Outputs
Push Notifications
Webhooks (HMAC-signed)
API Responses (scoped)

Encrypted Everywhere

AES-256 at rest, TLS 1.3 in transit. API keys SHA-256 hashed. Webhook payloads HMAC-SHA256 signed.

Access Controlled

Role-based permissions. Scope-based API keys. Device attestation via App Check. Rate limiting on all endpoints.

Continuously Audited

BigQuery and Cloud Storage audit logs. Structured request logging. Real-time monitoring with automated alerts.

Compliance

Compliance Framework

Meeting the standards your legal and security teams require.

GDPR

EU General Data Protection Regulation. Legal bases documented, DPA available, 72-hour breach notification, data subject rights supported.

CCPA / CPRA

California Consumer Privacy Act. Right to know, delete, and opt-out. 12-month disclosure. Non-discrimination policy.

CAN-SPAM

Email compliance with unsubscribe in all marketing emails. Physical address included in every message.

ePrivacy

Cookie consent banner with opt-in/opt-out. Analytics only loaded after explicit user consent.

OWASP Top 10

CSP headers, SSRF protection, input validation, parameterized queries, secure authentication patterns.

App Store Compliance

Apple App Store and Google Play guidelines. Account deletion, privacy labels, signed binaries.

Data Retention

Data Retention & Handling

Clear policies for how long we store your data and why.

Data Type | Retention | Purpose
Account Data | Active + 3 years | Service delivery
Location Data (real-time) | Not stored | Processed in-memory
API Logs | 90 days | Debugging & analytics
Security Audit Logs | 3 years | Compliance
Transaction Records | 7 years | Legal requirement
Analytics | 26 months | Product improvement
Support Communications | 3 years | Service quality

Data deletion available on request per GDPR Article 17 and CCPA. Contact privacy@hailsentinel.com.

Subprocessors

Our Subprocessors

We carefully vet every third party that processes your data.

Google Cloud Platform: Infrastructure (United States)
Firebase: Auth & Database (United States)
RevenueCat: Subscriptions (United States)
Twilio: SMS Alerts (United States)
SendGrid: Email Alerts (United States)

Security Practices Overview

A comprehensive document covering our infrastructure architecture, encryption standards, access controls, compliance framework, incident response, and vendor management. Share with your security team or attach to compliance questionnaires.

Have security questions?

Our team is ready to discuss your security requirements, provide documentation, or address compliance questionnaire items.

Contact Security Team: security@hailsentinel.com