The security of your data is our priority
Dotify adopts best practices to protect your data and your clients' data.
Data encryption
Sensitive credentials (SMTP passwords, provider credentials) are encrypted at rest. Connections use HTTPS/TLS.
Multi-tenant isolation
Each organization operates in complete isolation. One organization's data is never accessible by another.
Secure authentication
Mandatory email verification, Google OAuth, automatic lockout after failed attempts (15 minutes), strong password policy.
Anti-bot protection
Cloudflare Turnstile protects registration and login from automated access and brute-force attacks.
Secure sessions
HTTP-only cookies for client portal sessions. Secure tokens for all authentications.
Complete audit trail
Every change to deadlines is tracked with who, what, and when. Total transparency on operations.
GDPR Compliance
Dotify complies with EU Regulation 2016/679 (GDPR).
Clear roles
Dotify acts as Data Controller for user account data and as Data Processor for the user's client data.
Right to deletion
You can request the complete deletion of your account and all associated data at any time.
Data minimization
We only collect data strictly necessary to provide the service. No unnecessary tracking.
Secure payments
Payments are handled by Stripe, PCI-DSS compliant. We never have direct access to your card data.