Security
How we protect your data.
Procurement teams need real answers, not marketing. Here's what's actually true about how Nexus is built and run.
The short version
- All customer data is encrypted in transit (TLS 1.2 or higher) and at rest (AES-256 at the database and object-storage layer).
- Tenants are isolated at the application layer. Every database query is scoped by organization ID; no customer can read another customer's data.
- Authentication is handled by Clerk, which is SOC 2 Type II audited.
- Files are stored in Cloudflare R2 with server-side encryption and time-limited signed URLs.
- We don't sell or share customer data. We don't allow Anthropic to train on the documents we send for parsing.
- We are a young company. We do not yet have SOC 2 or ISO 27001 certifications. We use vendors who do and inherit their controls where possible.
Data we hold
Nexus holds the records your business runs on: worker profiles with PII and certifications, project records, daily safety forms, photos and PDFs uploaded from the field, and a 30-year archive of exposure records as required by OSHA. We do not collect health information beyond what regulators require us to retain (medical surveillance dates, fit-test results, and exposure data).
We do not hold payment card data. All billing flows through Stripe; Nexus only stores a Stripe customer ID and subscription metadata.
Encryption
In transit
All traffic to getnexus.pro and our API is served over TLS 1.2 or higher. Certificates are managed by our hosting provider and renewed automatically.
At rest
Database storage (managed Postgres) is encrypted at rest by the hosting provider. File storage (Cloudflare R2) is encrypted at rest with AES-256. Encryption keys are managed by the respective providers; Nexus does not handle raw key material.
Access control
Inside a customer organization, Nexus enforces role-based access: owner, admin, supervisor, and field roles each see only what they're authorized to see. Engineers at Nexus do not have routine access to customer data. Production database access requires an explicit reason, is logged, and is granted on a case-by-case basis (e.g. supporting a customer ticket that requires it).
Tenant isolation
Nexus is a multi-tenant SaaS. All customer data lives in a shared database, partitioned by organization ID. Every API request goes through middleware that extracts the organization ID from the authenticated session and scopes the database query to that tenant. There is no way through the application to read another tenant's data.
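The scoping described above, shown as an added illustration rather than Nexus's own code: a repository that binds every query to the org ID taken from the authenticated session, refuses any SQL that lacks the tenant predicate, and returns nothing when a caller in one organization asks for a record that belongs to another. The `workers` table, the `Session` type and the sample rows are constructed for the example.

```python
import sqlite3
from dataclasses import dataclass


@dataclass(frozen=True)
class Session:
    """Authenticated session; org_id is the tenant the middleware resolved."""
    user_id: str
    org_id: str


class TenantScopedRepo:
    """All queries run through _execute, which binds the session's org_id and
    refuses SQL that does not carry the tenant predicate."""

    def __init__(self, conn: sqlite3.Connection, session: Session):
        self._conn = conn
        self._org_id = session.org_id  # callers never supply this themselves

    def _execute(self, sql: str, params: tuple):
        if "org_id = ?" not in sql:
            raise ValueError("unscoped query rejected: missing tenant predicate")
        # The tenant id is always appended as the final bound parameter.
        return self._conn.execute(sql, params + (self._org_id,))

    def get_worker(self, worker_id: int):
        row = self._execute(
            "SELECT id, org_id, name FROM workers WHERE id = ? AND org_id = ?",
            (worker_id,),
        ).fetchone()
        return None if row is None else dict(zip(("id", "org_id", "name"), row))

    def list_workers(self):
        rows = self._execute(
            "SELECT id, org_id, name FROM workers WHERE org_id = ? ORDER BY id", ()
        ).fetchall()
        return [dict(zip(("id", "org_id", "name"), r)) for r in rows]


def build_demo_db() -> sqlite3.Connection:
    """Constructed sample data: two organizations sharing one table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE workers (id INTEGER PRIMARY KEY, org_id TEXT, name TEXT)")
    conn.executemany("INSERT INTO workers VALUES (?, ?, ?)",
                     [(1, "org_a", "Alice"), (2, "org_a", "Bob"), (3, "org_b", "Carol")])
    return conn


def cross_tenant_probe():
    """A session in org_a asks for its own worker (id 1) and for org_b's (id 3)."""
    repo = TenantScopedRepo(build_demo_db(), Session("user-1", "org_a"))
    return repo.get_worker(1), repo.get_worker(3)  # second element is None
```

The `_execute` guard is the part worth copying: it turns a forgotten `org_id` filter in a new query into a failing test instead of a cross-tenant read.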
Backups and durability
Our managed Postgres provider takes automated daily backups with point-in-time recovery. File storage in Cloudflare R2 has 99.999999999% (eleven nines) durability through R2's own replication. After a customer cancels, we keep their data for 90 days before deleting it, and we retain exposure-record archives for the full 30 years required by OSHA 29 CFR 1926.1101.
AI and document parsing
Nexus uses Anthropic's Claude API to parse uploaded documents (extracting expiration dates from certification PDFs, structured fields from training certificates, and similar). Under Anthropic's standard commercial API terms, content sent for parsing is not used to train Anthropic's models and is retained by Anthropic for a limited period (typically 30 days) for abuse-monitoring only, then deleted. Parsed data is stored in your Nexus database under your organization's tenancy and is treated like any other customer data.
Subprocessors
We list the third parties that process customer data on our behalf. We update this list when it changes. If you need notification of subprocessor changes, ask us.
| Provider | Purpose | Region |
|---|---|---|
| Clerk | Authentication and organization management | United States |
| Stripe | Subscription billing and payment processing | United States |
| Cloudflare R2 | Encrypted file and document storage | United States |
| Railway | Application hosting, managed Postgres, managed Redis | United States |
| Anthropic | AI-assisted document parsing (Claude API) | United States |
| Sentry | Error monitoring (optional) | United States |
| Mixpanel | Product analytics (optional) | United States |
| Google Analytics | Marketing website analytics (getnexus.pro pageviews) | United States |
Incident response
If we discover unauthorized access to customer data, we will notify affected customers without undue delay (target: within 72 hours of confirmation) with a description of what happened, what data was affected, and what we're doing about it. We follow the breach-notification commitments in our Terms of Service and the data-handling commitments in our Privacy Policy.
Vulnerability reporting
If you find a security issue, please email security@getnexus.pro. We will respond within two business days. We don't have a formal bug-bounty program yet, but we will acknowledge researchers who report in good faith, and we don't pursue legal action against good-faith research that respects user privacy and doesn't degrade service.
What we don't have yet
Being honest about what we haven't done is more useful than claiming what we haven't earned.
- No SOC 2. We're early. For the controls operated by Clerk (auth), Stripe (payments), and our hosting provider, we rely on those vendors' SOC 2 reports, but we don't yet hold our own report.
- No HIPAA BAA. Nexus is not designed for protected health information beyond regulator-required exposure and medical-surveillance dates. Don't upload patient records.
- No HITRUST, ISO 27001, FedRAMP. Not currently scoped.
- No on-prem deployment. Nexus is multi-tenant SaaS only.
When we earn certifications, this page will be the first place they show up.
Questions
For procurement reviews, security questionnaires, or anything else, email security@getnexus.pro.
Ready to simplify compliance?
Start your 14-day free trial. No credit card required.