Trust & Security
Your data stays yours.
Always encrypted, never resold.
Fareof handles millions of verified B2B contacts and processes sensitive prospecting data daily. Security is not a feature page — it is baked into how we build, deploy, and operate every service.
Data Encryption
Encryption at rest
All customer data, including email lists, verified contacts, and CRM sync payloads, is encrypted at rest using AES-256. Database volumes and backup snapshots are encrypted with managed keys and rotated automatically.
Encryption in transit
Every connection — browser to edge, edge to API, API to database — runs over TLS 1.3 with modern cipher suites. HSTS with preload is enforced across all fareof.com properties.
Access Controls
Role-based access (RBAC)
Team admins control who can search, export, or push data to integrated CRMs. Owner → Admin → Member → Viewer roles with granular per-feature permissions. Audit logs capture every access event.
MFA & SSO
Multi-factor authentication is enforced for all team accounts. Enterprise plans support SAML-based SSO (Okta, Azure AD, Google Workspace) and SCIM provisioning for automated user lifecycle management.
API key security
API keys are scoped per workspace, rate-limited, and can be rotated or revoked instantly from the dashboard. Keys are never logged or stored in plaintext — only a salted hash is persisted.
Compliance & Certifications
SOC 2 Type II
Fareof infrastructure is hosted on SOC 2 Type II certified cloud providers. We also commission our own annual third-party penetration test and publish a summary of findings. Full compliance reports are available to enterprise customers under NDA.
GDPR & CCPA
Our data processing agreement (DPA) covers GDPR obligations including the right to access, rectify, and delete personal data. All B2B contact data is sourced from public professional profiles and processed under legitimate interest. CCPA opt-out requests are honored within 72 hours.
Data residency
Primary data stores are hosted in US regions (AWS us-east-1) with EU residency options available for Scale-plan customers. Cross-region replication is encrypted end-to-end.
Infrastructure Security
Network & DDoS protection
All traffic is routed through Cloudflare with WAF rules, bot management, and DDoS mitigation at Layers 3, 4, and 7. Origin IPs are never exposed to the public internet.
Vulnerability management
Dependencies are scanned continuously via Dependabot and Snyk. Critical patches are deployed within 24 hours. Our public bounty program rewards responsible disclosure.
Backup & disaster recovery
Automated daily snapshots with point-in-time recovery (30-day window). Cross-region disaster recovery with an RPO of 1 hour and RTO of 4 hours for critical services.
Logging & monitoring
All access, API calls, and administrative actions are logged to an append-only audit trail. Anomaly detection alerts on unusual access patterns, rate spikes, and geographic anomalies.
Questions or concerns?
For security inquiries, vulnerability reports, or to request our full compliance package, reach out to [email protected].
