Security overview
Scalple is a security product. Our own security practices are held to the same standard we ask of our customers.
Zero credential exposure
Database credentials never leave Scalple's encrypted vault. Developers receive short-lived, session-bound access tokens scoped to specific tables and fields. No .env files, no shared logins, no credentials in chat.
INSERT-only audit trail
Every query, access request, and denial is appended to an immutable log enforced at the schema level. No UPDATE or DELETE is possible on the audit table. Each row is cryptographically chained to the previous one.
EU-only infrastructure
Scalple runs on EU-domiciled providers — Hetzner, OVHcloud, and Exoscale — which are not subject to US CLOUD Act jurisdiction. AWS is excluded by design. No sub-processors are subject to US CLOUD Act jurisdiction. This marketing website is hosted on Vercel (Frankfurt, EU region) — note that Vercel is US-incorporated and processes only routing metadata, not customer data.
Encryption
All data in transit is encrypted with TLS 1.3. Data at rest uses AES-256-GCM. Credential secrets are encrypted at the field level before storage. Keys are rotated quarterly.
Sandboxed query execution
TypeScript queries run inside V8 Isolates with hard resource limits: 128 MB memory, 30s wall-clock, no outbound network access. Isolation is enforced at the engine level, not the application level.
Frequently asked questions
Does Scalple store database credentials on developers' machines?
No. Database credentials never leave Scalple's encrypted vault. Developers authenticate to Scalple using their identity provider (SSO) and receive short-lived, session-bound access tokens scoped to specific tables and fields. The underlying database password is never transmitted to the developer's machine, stored in a .env file, or visible in any client application.
Is the Scalple audit trail tamper-evident?
Yes. The audit table has UPDATE and DELETE revoked at the PostgreSQL permission level — not just access-controlled, but schema-enforced. Each row is cryptographically chained to the previous one. This is the distinction between a tamper-evident log (INSERT-only schema with cryptographic chaining) and a merely access-controlled log (file with restricted permissions). A supervisory authority reviewing a GDPR breach will ask whether the log could have been modified. The cryptographic chain means any attempt to modify the log is immediately detectable.
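The chaining described in this answer can be checked independently of the database permissions. The following is an added example, not Scalple's code: the row layout, the all-zero genesis value, the JSON canonicalisation and all names are assumptions, with SHA-256 taken from the page. It also shows that removal of the newest rows is only caught when the latest hash is compared with a copy kept outside the database.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash of the first row


def row_hash(prev_hash, payload):
    """SHA-256 over the previous row's hash plus a canonical encoding of the payload."""
    body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + body).encode("utf-8")).hexdigest()


def append(log, payload):
    """Append-only write: each new row commits to the hash of the row before it."""
    prev = log[-1]["hash"] if log else GENESIS
    log.append({"prev_hash": prev, "payload": payload, "hash": row_hash(prev, payload)})


def verify_chain(log, expected_head=None):
    """Return (ok, detail). expected_head is the last row hash recorded outside the database."""
    prev = GENESIS
    for i, row in enumerate(log):
        if row["prev_hash"] != prev:
            return False, f"row {i}: prev_hash does not match preceding row"
        if row_hash(row["prev_hash"], row["payload"]) != row["hash"]:
            return False, f"row {i}: payload does not match stored hash"
        prev = row["hash"]
    if expected_head is not None and prev != expected_head:
        return False, "head hash differs from externally recorded value"
    return True, "chain intact"


def sample_log():
    """Constructed sample rows, not real audit data."""
    log = []
    append(log, {"actor": "dev-1", "event": "access_request", "table": "orders"})
    append(log, {"actor": "dev-1", "event": "query", "table": "orders"})
    append(log, {"actor": "dev-2", "event": "denial", "table": "customers"})
    return log


if __name__ == "__main__":
    log = sample_log()
    head = log[-1]["hash"]
    print(verify_chain(log, head))
    log[1]["payload"]["table"] = "customers"  # in-place edit of a middle row
    print(verify_chain(log, head))
```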
Why does Scalple exclude AWS?
AWS is subject to the US CLOUD Act (Clarifying Lawful Overseas Use of Data Act), which allows US law enforcement to compel disclosure of data held by US-domiciled companies regardless of where the data is physically stored. An EU customer's data on AWS Frankfurt can be subject to a US government order served to Amazon in Seattle. Scalple runs exclusively on EU-domiciled providers — Hetzner (Germany), OVHcloud (France), and Exoscale (Switzerland/Austria) — which are not subject to CLOUD Act jurisdiction. No sub-processors are subject to US CLOUD Act jurisdiction.
What encryption does Scalple use?
All data in transit uses TLS 1.3 with forward secrecy. Data at rest uses AES-256-GCM. Credential secrets stored in Scalple's vault are encrypted at the field level before being written to the database — the storage layer never sees plaintext credentials. Encryption keys are rotated quarterly. The audit log rows use SHA-256 chaining for cryptographic integrity verification.
What are the V8 Isolate resource limits for TypeScript query execution?
Each TypeScript query runs inside a V8 Isolate with the following hard limits: 128 MB memory heap, 30-second wall-clock timeout, and no outbound network access. Isolates cannot access the host filesystem, cannot make HTTP requests, and cannot communicate with other Isolates. Resource limits are enforced at the V8 engine level, not at the application layer — they cannot be bypassed by the query code itself. Queries that exceed any limit are terminated and the termination is logged to the audit trail.
Vulnerability disclosure
If you discover a security vulnerability in Scalple, please report it responsibly to alexandru-serban@scalple.com. We aim to acknowledge reports within 48 hours and provide a fix timeline within 5 business days.
The PGP key and full disclosure policy are available at /.well-known/security.txt.