1. Our security principles
- Least privilege by default: no one at SaathiX reads customer data unless a support ticket authorises it.
- Encrypt everything at rest and in transit.
- Log everything so we can audit later.
- Fail closed, alert loudly.
This page is maintained by SaathiX Technologies to answer common security questions about SaathiX ERP. It describes the controls we operate today, not a certification.
All customer data is hosted in India on an enterprise cloud with ISO 27001 and SOC 2 certified data centres. We do not replicate data outside India.
Automated backups run every 24 hours with a 30 day point in time restore. Restores are tested quarterly. Business continuity target: RPO 24 hours, RTO 4 hours.
Found something concerning? Please email security@saathix.com with steps to reproduce. We acknowledge within 24 hours and coordinate a fix. Please do not publicly disclose before we confirm the fix has shipped.
SaathiX secures the platform. You secure your account: use strong passwords, rotate PINs when staff leave, and review the audit log inside Settings monthly.
Reach the SaathiX legal and privacy desk at security@saathix.com. We respond within 2 working days.