Security & Trust
Enterprise-grade security for your most important data
- SOC 2 Type II: Audited Controls
- GDPR Compliant: Full Data Rights
- 99.99% Uptime: SLA Guaranteed
- AES-256 Encryption: At Rest & In Transit
Infrastructure
Enterprise Infrastructure
Microsoft Azure
Built on Microsoft Azure with a global CDN for fast, reliable access from anywhere in the world.
Multi-Region Deployment
Automatic failover across multiple Azure regions ensures your platform stays online no matter what.
Geo-Redundant Backups
Point-in-time restore with geo-redundant backup replication keeps your data safe from any scenario.
Auto-Scaling
Infrastructure automatically scales to handle peak loads during events, renewal seasons, or traffic spikes.
Data Protection
Your Data, Protected
- AES-256 encryption at rest for all stored data
- TLS 1.3 encryption in transit for every connection
- Database-level tenant isolation — each organization gets its own isolated data store
- Regular third-party penetration testing
- Automated vulnerability scanning with continuous monitoring
Compliance
Compliance You Can Count On
SOC 2 Type II
Independently audited controls for security, availability, and confidentiality. Report available upon request under NDA.
GDPR
Full compliance including consent management, DSAR handling, right to erasure, and Data Processing Agreements available for all customers.
CCPA
California Consumer Privacy Act compliant with full data transparency, opt-out mechanisms, and data deletion support.
PCI DSS
PCI DSS compliant payment processing through Stripe. Nexuvo never stores, processes, or transmits raw cardholder data.
Data Residency
Data Residency Options
| Region | Provider | Availability |
|---|---|---|
| United States (East) | Microsoft Azure | Default for all plans |
| European Union | Microsoft Azure | Enterprise+ plans |
| Canada | Microsoft Azure | Enterprise+ plans |
| Australia | Microsoft Azure | Enterprise+ plans |
Data never leaves your chosen region. All backups, replicas, and processing remain within the selected geographic boundary.
Authentication
Access Controls & Authentication
Role-Based Access Control
Five granular roles — Owner, Admin, Manager, Member, and Viewer — so every user sees only what they should.
SSO via SAML 2.0 & OIDC
Enterprise+ plans support single sign-on through your existing identity provider, including Azure AD, Okta, and Google Workspace.
Multi-Factor Authentication
Enforce MFA across your organization with support for authenticator apps and hardware security keys.
Session Management & Audit Logging
Full audit trail of user actions, session management with configurable timeouts, and IP-based access alerts.
Have security questions?
Our team is happy to walk through our security posture, share our SOC 2 report under NDA, or answer any questions about how we protect your data.