Security controls for accountable survey data

FlexiSurvey applies layered controls to separate customer data, protect sensitive fields, govern access and preserve an operational record. This page states the current control and assurance status; detailed documents are available for qualified reviews.

A security professional with a tablet in a secure data centre

Data separation

Tenant isolation is enforced in the application and by PostgreSQL row-level security policies on tenant-scoped tables, so a query that omits the tenant filter still returns no other tenant data. A dated architecture note is available for qualified reviews.

Encryption

Data is encrypted in transit (TLS) and at rest through AWS-managed storage encryption covering the database and file store, and mobile devices use device encryption (AES-256-GCM). Tenant data is additionally isolated by database-enforced row-level security.

Identity and access

Sign-in supports passwords with TOTP two-factor authentication, Google and Microsoft social sign-in, and enterprise SAML 2.0 single sign-on with per-tenant identity-provider configuration. Administrators can apply role-based permissions, session controls and IP allow-lists.

Audit and administration

Important administrative and data actions are recorded in an audit log with configurable retention. Administrators control who can view and export logs, and permission decisions are themselves recorded.

Privacy and data lifecycle

FlexiSurvey supports consent records, data-subject access and erasure requests, configurable retention and deletion, and encrypted backups. AI narrative features send only de-identified, pre-aggregated figures to the model provider, never raw response rows.

Hosting and data location

FlexiSurvey is hosted on Amazon Web Services in the United States (us-east-1), a single region, with automated encrypted backups and point-in-time recovery.

Assurance status

As of June 2026

Current control and assurance status. Detailed documents are available under NDA for qualified reviews.

AreaCurrent statusEvidence available
SOC 2SOC 2-aligned controls with continuous internal monitoring; no third-party Type II attestation at this timeControl mapping on request
Penetration testingContact our security team for current statusExecutive summary under NDA where available
GDPRContractual and operational measures, not a certificationDPA, privacy notice, records-of-processing support
AccessibilityBuilt to WCAG 2.1 AA guidelines with automated accessibility checks in CI; no independent VPAT yetAccessibility statement on request
Backup and recoveryAutomated encrypted backups with point-in-time recoveryBackup and recovery summary on request
Tenant isolationEnforced in the application and by PostgreSQL row-level security on tenant-scoped tablesArchitecture note on request

Responsible disclosure

Found a potential security issue? Email our security team and we will acknowledge your report and work with you on a resolution.

support@spancorp.net

Request the security and privacy review pack

For procurement or security review, contact us for the current control mapping, data-handling information and available evidence under NDA.