Security

Last updated: January 2, 2026

1. Infrastructure

Geniy is built on industry-leading secure infrastructure powered by Amazon Web Services (AWS):

  • Frontend Hosting: AWS Amplify with automatic SSL and global CDN distribution.
  • Backend Hosting: AWS EC2 with App Runner for isolated, scalable compute instances.
  • Database: Amazon RDS (PostgreSQL) with encryption at rest and automatic backups.
  • File Storage: AWS S3 with server-side encryption (SSE-S3).
  • Payment Processing: Paystack (PCI-DSS Level 1 compliant).

2. Authentication & Access

We implement robust authentication measures:

  • Password Security: bcrypt hashing with automatic salt generation.
  • Session Management: Secure JWT tokens with expiration.
  • Workspace Isolation: Strict role-based access control (RBAC) ensures only authorized members can access workspace data.
  • Audit Logging: All sensitive operations are logged for security monitoring.

3. Data Protection

We employ strict measures to protect your data:

  • Encryption in Transit: All data is encrypted via TLS 1.2+ (HTTPS).
  • Encryption at Rest: Business context and sensitive data encrypted with AES-256.
  • Database Isolation: Workspace data is logically isolated with row-level security.
  • Secure File Handling: Uploaded documents are stored with restricted access policies.

4. AI & Third-Party Security

Our AI integrations prioritize your privacy:

  • Google Gemini: Enterprise API with zero data retention for training.
  • No Cross-Workspace Data Sharing: Your data is never used to train models or shared with other users.
  • API Key Security: All third-party API keys are stored encrypted and never exposed to the frontend.

5. Survey & Response Security

Survey responses are protected with:

  • Unique, non-guessable survey URLs.
  • Optional respondent anonymity settings.
  • Encrypted storage of response data.
  • Rate limiting to prevent abuse.

6. Reporting Vulnerabilities

If you discover a security vulnerability, please report it to us immediately at security@geniy.ai. We appreciate your help in keeping Geniy safe and will acknowledge responsible disclosures.

7. Compliance

Geniy is committed to data protection best practices. We are continuously working towards compliance with:

  • GDPR (General Data Protection Regulation)
  • Data Protection Act (Ghana)