Trust & Security

Security at IntelliBranch

Operational and financial data is among the most sensitive information a business holds. Our security architecture reflects that. Every design decision starts with the question: what happens if this fails?

Security Architecture

Six pillars of platform security

Each layer of the platform is designed with security and data integrity as a primary constraint, not an afterthought.

Data Isolation

Every client operates in a fully isolated data environment. No two clients' data shares a database, schema, or storage container. Tenant isolation is enforced at the architecture level — not through runtime access controls.

Dedicated TenantsLogical IsolationNo Data Co-mingling

Encryption

All data transmitted to and from the platform is encrypted using TLS 1.2 or higher. All data stored within the platform is encrypted at rest using AES-256. Encryption keys are managed through a dedicated key management service and rotated on a defined schedule.

TLS 1.2+AES-256 at RestKey Rotation

Access Controls

The platform enforces role-based access control (RBAC) at the organisation, location, and report level. HQ and portfolio owners have full visibility. Location managers and franchisees see only their own data. All permission changes are logged.

RBACGranular PermissionsFranchisee Isolation

Audit Logging

All user actions within the platform — including logins, data access, permission changes, and exports — are recorded in immutable audit logs. Logs are retained for a minimum of 12 months and are available to compliance teams on request.

Immutable Logs12-Month RetentionCompliance Ready

Availability

IntelliBranch is hosted on enterprise-grade cloud infrastructure with automated failover and geographic redundancy. We maintain a 99.9% monthly uptime SLA, with real-time status monitoring and incident response procedures in place.

99.9% SLAAuto FailoverReal-Time Monitoring

Data Residency

Enterprise customers may specify their preferred data residency region. Data is stored and processed within the agreed region and does not cross regional boundaries without explicit authorisation. Available regions are confirmed at time of contract.

Regional HostingCross-Border ControlsEnterprise Option
Compliance

Standards and frameworks

IntelliBranch's security controls are aligned to recognised international and regional standards.

GDPR
Aligned with EU General Data Protection Regulation requirements for data processing, retention, and subject rights.
SOC 2 Aligned
Platform controls are aligned to SOC 2 Trust Services Criteria covering security, availability, and confidentiality.
UAE Data Protection
Compliant with UAE Federal Decree-Law No. 45 of 2021 on Personal Data Protection.
ISO 27001 Aligned
Information security management practices aligned to ISO 27001 standards.

Responsible Disclosure

If you believe you have discovered a security vulnerability in IntelliBranch, please report it to us privately before public disclosure. We investigate all reports promptly and will acknowledge receipt within 2 business days.

Report a Vulnerability

For all other enquiries, see our Contact page.