Security

Last updated: April 2026

Infrastructure

Trendrr is hosted on Cloudflare Pages with edge caching and DDoS protection. All traffic is served over HTTPS with TLS 1.3. Our serverless functions run on Cloudflare Workers, isolated per request.

Data encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256. PSA API credentials are stored in encrypted environment variables and never logged or exposed.

Access controls

Access to production systems is restricted to authorized personnel with multi-factor authentication. We follow the principle of least privilege for all system access.

Data isolation

Each customer's ticket data is logically isolated. Your data is never mixed with other accounts, used for cross-account analysis, or used to train any models.

PSA integrations

We connect to your PSA using OAuth 2.0 or API keys with the minimum required permissions. We request read-only access to ticket data — Trendrr never modifies your PSA records.

Incident response

In the event of a security incident, we will notify affected customers within 72 hours with details of the incident, its impact, and remediation steps taken.

Responsible disclosure

If you discover a security vulnerability, please report it to [email protected]. We appreciate responsible disclosure and will acknowledge your report within 48 hours.