Security & trust
Security built for real operations.
Your workforce data — employee records, client contracts, compliance documents, payroll — is protected by the same standards your clients expect. A buyer should understand our security in 10 seconds and verify it in 10 minutes.
Last updated: March 23, 2026
At a glance
AES-256 encryption at rest
Database, files, backups
TLS 1.2+ encryption in transit
HTTPS enforced, WSS for real-time
Immutable audit trail
Every action logged — cannot be modified
Multi-tenant data isolation
Company → Location → Site hierarchy
Role-based access control
Granular permissions per resource
99.5% uptime SLA
Service credits if we fall short
Complete accountability
Every action is recorded.
Every create, update, and delete in Arcova is logged with who did it, when, what changed, and where the request came from. Audit logs are immutable — they cannot be edited or deleted by any user, including administrators.
When a client asks "who changed this?" or a compliance audit needs the history of a record — the answer is already there.
Who
The authenticated user who performed the action
When
Timestamp stored in UTC
What
The affected record with previous and new values
Where
IP address and user agent of the request
Retention
Logs retained for the lifetime of the account
Security details
Expand any section for a plain-English look at how we protect your data.
Security questions?
For vulnerability reports, security documentation, or compliance questions.
Security questions? Let's talk.
Walk us through your security requirements. We'll show you how Arcova handles your data.