Trulit
Security

Our Approach to Security

Your data security is our top priority. Learn about our security practices and data protection measures.

Data Encryption

All data is encrypted in transit using TLS. Data at rest is encrypted by our cloud infrastructure provider. All database connections use secure encrypted channels.

Infrastructure Security

Hosted on enterprise-grade cloud infrastructure with high availability. Database backups are performed automatically by our infrastructure provider.

Access Controls

Role-based access control (RBAC) with owner, admin, member, and tester roles. Multi-factor authentication (MFA) via authenticator apps. SSO trust configuration for workspace guest access.

Audit Logging

Activity tracking for test case changes, test run updates, and user actions. Audit logs capture who changed what and when for traceability.

GDPR Readiness

We implement data protection practices aligned with GDPR principles. Our platform includes the following features to support your compliance needs:

  • Cookie Consent Management: Granular cookie preferences for analytics, marketing, and functional cookies
  • Privacy Policy: Documented user rights including right of access and right to erasure
  • Data Export: Export your data at any time (GDPR Article 15, Right of Access)
  • Account Deletion: Request account deletion with a grace period (GDPR Article 17, Right to Erasure)
  • Cookie Policy: Detailed disclosure of tracking technologies used
  • Data Retention: Configurable data retention policies

Security Practices

  • Responsible Disclosure: If you discover a security vulnerability, report it to security@trulit.com
  • Access Controls: Role-based permissions with multi-factor authentication
  • Data Isolation: Row-level security ensuring users only access data within their projects

Data Protection

  • Data Isolation: Row-level security policies ensure complete project-level data separation
  • Backup & Recovery: Automated database backups provided by our cloud infrastructure
  • Data Retention: Configurable retention policies with secure deletion
  • Data Portability: Export your data at any time in standard formats

HIPAA Readiness

Trulit is designed to support HIPAA compliance for organizations that handle protected health information (PHI). Our platform includes the following safeguards:

  • Access Controls: Role-based access control (RBAC) with multi-factor authentication ensuring minimum necessary access
  • Audit Logging: Comprehensive activity tracking for data access, modifications, and user actions
  • Session Management: Automatic session timeout after a period of inactivity
  • Encryption: Data encrypted in transit and at rest by our cloud infrastructure
  • Data Isolation: Row-level security policies ensuring project-level data separation
  • Business Associate Agreement: Available for organizations requiring HIPAA coverage, view our BAA

Note: "HIPAA Ready" means our platform supports the technical safeguards required for HIPAA compliance. Each customer organization must execute an individual BAA with Trulit before storing or processing PHI. Contact compliance@trulit.com to get started.

Report a Vulnerability

If you discover a security vulnerability, please report it responsibly to security@trulit.com. We appreciate your help in keeping our platform secure.

Contact Security Team

For security inquiries, contact security@trulit.com