Encrypted in transit
Every connection to AgencyKit, including the client portal and public document links, runs over HTTPS with TLS. There is no unencrypted mode.
Passwords are hashed, never stored
Passwords are hashed with bcrypt before they touch the database. Nobody at AgencyKit can read a password, and neither can an attacker with a database dump.
Payment credentials encrypted at rest
Gateway keys you connect (Stripe, PayPal, Paymob) are stored encrypted and shown back to you masked. Card data itself never touches our servers: payments happen on the gateway.
Signed, expiring client links
Proposal, contract, and portal links use signed secure tokens with expiry. Unsubscribe links are HMAC-signed so they cannot be forged for another address.
Permissions enforced on the server
Per-module permissions (view, create, edit, delete) are enforced server-side, not hidden in the interface. A member without invoice access gets client pages with all financial fields stripped before the data leaves the server.
Rate limiting and abuse controls
Login, AI, and sending endpoints are rate-limited per user. Email campaigns send only through your own SMTP, so one workspace can never affect another\'s deliverability.
Your data stays exportable
Clients, invoices, reports, and records export as CSV and PDF at any time, before or after cancelling. No lock-in by hostage-taking.
Found something? Tell us
If you believe you found a vulnerability, email security@agencykit.tech and we will respond quickly. Good-faith reports are always welcome.