Security Policy

1. Data Protection and Availability

ROOTSURE is designed to ensure the total integrity of your information. We combine advanced cryptographic techniques with secure infrastructure to provide robust certification.

• Document Storage: We store original documents in encrypted cloud environments located in Europe. This ensures that you can always retrieve the exact certified version for audit purposes.
• SHA-256 Hashing: Every document's integrity is verified using unique cryptographic hashes. Any modification to the document, even by a single bit, would result in a different hash, making forgery impossible to hide.
• Merkle Tree Architecture: We batch document proofs into Merkle trees, which provide a high level of cryptographical security and efficient verification.

2. Infrastructure and Access

Our platform operates on audited, enterprise-grade cloud infrastructure:

• Access Control: We implement Row Level Security (RLS) to ensure that document owners are the only ones with access to their data.
• In-Transit Security: All communications between your browser and our servers are encrypted using high-standard TLS/SSL protocols.
• Identity Management: We use industry-standard identity providers to manage user authentication securely.

3. Blockchain Stamping Safety

Stamping keys are managed following strict security protocols. Keys are never stored in the application logic or plain text environments. We use isolated signing processes to ensure the integrity of the Cardano transactions that anchor your document proofs.

4. Compliance

Our security practices are aligned with the highest standards, including a focus on GDPR compliance for all operations involving European citizen data.