Security & Compliance

Enterprise-grade security designed for procurement approval.

Data Handling Process

Niral processes design files to generate code. Here's exactly what happens to your data:

Step-by-Step Data Flow:

  1. Design file is uploaded via secure HTTPS connection (TLS 1.3)
  2. File is encrypted at rest using AES-256 encryption
  3. Processing engine parses file metadata and layout structure
  4. Code is generated and made available for download
  5. Original design file is automatically deleted after 30 days (configurable)

What We Store:

  • Generated code output
  • Project metadata (names, timestamps, user IDs)
  • Usage analytics (aggregated, non-identifiable)

What We Don't Store:

  • Proprietary business logic or backend code
  • Customer data or personally identifiable information (PII)
  • Design files after retention period expires

File Storage Duration

Design files are stored only as long as necessary for processing and regeneration purposes.

Retention Policy:

ItemRetention PeriodConfigurable
Design files30 days defaultYes (7-90 days)
Generated codeIndefiniteN/A
Project metadataAccount lifetimeN/A
Audit logs1 yearYes (Enterprise)

Note: Enterprise customers can request immediate file deletion after code generation.

Encryption Standards

All data is encrypted both in transit and at rest using industry-standard protocols.

In Transit

  • • TLS 1.3 for all API requests
  • • Certificate pinning for mobile apps
  • • No unencrypted HTTP endpoints

At Rest

  • • AES-256 encryption for all files
  • • Encrypted database backups
  • • Key rotation every 90 days

Hosting Model

Niral is hosted on enterprise-grade cloud infrastructure with 99.9% uptime SLA.

Infrastructure Details:

  • Cloud Provider: AWS (US-East, EU-West regions available)
  • Data Residency: Configurable per region for GDPR compliance
  • Backups: Daily encrypted backups, 30-day retention
  • DDoS Protection: Cloudflare enterprise-grade protection

Compliance Roadmap

Niral is actively pursuing industry-standard compliance certifications:

✅ Current Compliance

  • • GDPR compliant data handling
  • • CCPA privacy standards
  • • OWASP Top 10 security controls

🔄 In Progress (2026)

  • • SOC 2 Type II audit (Q2 2026)
  • • ISO 27001 certification (Q3 2026)
  • • HIPAA compliance option (Q4 2026)

Procurement-Ready Documentation

Need a security questionnaire, DPA, or vendor risk assessment? We provide comprehensive documentation to accelerate your procurement process.

Request Security Documentation
Chat with usWhatsApp icon – open chat