Putting CRM, accounting, HR, and helpdesk on one platform raises real questions. Below is how we answer them — by design, by architecture, and by default. Email [email protected] if anything below isn't enough.
No badge theater. Here's the architecture that protects your data — verifiable in how the platform is built and operated, not in a framed certificate.
Most platforms put every customer in one big shared database and separate you with an account_id column. Mewayz doesn't. Each tenant gets its own database and environment — and every white-label partner gets a fully isolated box of their own.
Your records live in a database provisioned for your workspace alone — not a shared table separated by a filter. No noisy-neighbor performance, no cross-tenant query surface, no “one bad WHERE clause leaks everyone” risk.
Every white-label partner is provisioned with their own Linux user, database, and file space — automatically, in about two minutes. A partner's clients, files, and data stay inside that partner's box. Nothing is co-mingled.
Mewayz runs a separate app instance, database, and environment in each region. Your data is created and stays in the region you pick at signup — EU, US, or APAC — so residency and low latency are the default, not an add-on.
These are the rules our security team designs to. They are not aspirational — they are the gates a feature has to pass before it ships.
We don't sell aggregated insights. We don't train ML models on your records. We don't read inbound emails to product-market. Your data is the product we host, not a feedstock.
One click in Settings exports everything in standard formats. We make leaving easy on purpose. The best customer is the one who knows they can leave and chooses not to.
AES-256 at rest. TLS 1.3 in transit. Key management via AWS KMS with customer-managed-key option on Agency tier. No "we'll encrypt premium customers" tiering.
Employees access customer data only under audit, only when a customer has opened a support ticket asking them to, and only for the records the ticket pertains to. Every access logged, indefinitely.
Pick EU, US, or APAC region at signup. Data stays in-region by default. Cross-region replication is opt-in, with explicit consent in the DPA.
If we have a security incident affecting customer data, we notify affected customers within 72 hours of confirming impact. No exceptions, no PR-approved delay windows.
Choose at signup. Cannot be changed after data is loaded without a planned migration. Sub-processors per region listed on the trust portal.
| Region | Primary AZs | Hosted by | Backups | Sub-processors |
|---|---|---|---|---|
| EU | Frankfurt · Dublin · Stockholm | AWS eu-central-1, eu-west-1, eu-north-1 | In-region · 35 days | EU only |
| US | Virginia · Oregon · Ohio | AWS us-east-1, us-west-2, us-east-2 | In-region · 35 days | US only |
| APAC | Singapore · Tokyo · Mumbai | AWS ap-southeast-1, ap-northeast-1, ap-south-1 | In-region · 35 days | Regional |
99.95% uptime SLA on Business, 99.99% on Agency. Multi-AZ deployments with automatic failover. Tested DR runbooks executed quarterly. Public status page at status.mewayz.com.
Point-in-time recovery to any moment in the last 35 days. Hourly snapshots for the last 7 days. Restoration tested monthly. RTO 4 hours; RPO 15 minutes.
SSO via SAML 2.0 / OIDC on Business+. SCIM provisioning on Agency. MFA required for all admin accounts. Role-based access with 14 default roles plus custom-role builder.
Every action in the platform is logged to an immutable audit trail. Retained for 7 years. Streamable to Splunk / Datadog / Elastic via integration. Suspicious-activity alerting built in.
Annual security review of every sub-processor. Tier-1 vendors (AWS, Stripe, Twilio) under direct contract. Tier-2 list published; 30-day notice before adding new ones.
External pen-test twice a year. Internal red-team quarterly. Bug bounty program with HackerOne — rewards from $250 (low) to $10,000 (critical). Published scope, no NDAs needed.
On infrastructure we operate ourselves — our own database and mail server running on AWS EC2 behind Cloudflare. It isn't handed off to a chain of third-party SaaS vendors. That's what "self-hosted stack" means: your core data stays inside the regime we control. Two exceptions, both under your control: card data is handled by Stripe (PCI DSS Level 1) so we never store raw card numbers, and AI features call OpenAI, Anthropic, or Google using your own API key — which you can configure or disable.
Yes. We have a standard DPA most procurement teams accept as-is. Custom DPAs are reviewed by counsel — usually approved within 5 business days.
In the region you select at signup. EU-region data stays in EU. US in US. APAC in APAC. No silent cross-region replication.
By default, no. Access requires a customer-initiated support ticket and explicit role grant. Every access is logged and surfaceable to you on request.
72-hour notification to affected customers. Public incident report after remediation. We don't time disclosures around press cycles.
Cancel your account in Settings → Account. After 30 days, data is purged from production. Backups age out at 35 days. Audit logs retain account metadata for 7 years (legal requirement); content data is purged.
No. Customer data is never used to train models. AI features use customer data only for the immediate request (e.g. drafting an email for this customer) and the request is not retained by the model provider.
HackerOne program at hackerone.com/mewayz. We respond within 1 business day for critical reports. Rewards from $250–$10,000. No NDAs; published scope.
We publish a trust portal with every report, sub-processor, and policy. Email [email protected] to get the latest.