Legal
Security
Effective: May 18, 2026
Security is treated as a product feature at Raqeem. This page summarizes the controls we have in place to protect customer data.
1. Encryption
All traffic to raqeem.app and app.raqeem.app is served exclusively over TLS 1.2+. Customer data is encrypted at rest using AES-256 in the underlying managed database.
2. Access control
Production access is restricted to a small set of engineers, requires hardware-backed multi-factor authentication, and is audited. Customer-facing access is gated by per-tenant RBAC and JWT-based authentication.
3. Tenant isolation
Raqeem is a multi-tenant SaaS. Every API call is scoped by tenant ID enforced both at the application layer and at the database row level to prevent cross-tenant data exposure.
4. Backups and recovery
The primary database has point-in-time recovery enabled with a multi-day window, and routine backups are tested to verify restorability.
5. Vulnerability management
Dependencies are scanned continuously, critical patches are applied on an expedited schedule, and we engage independent reviewers for periodic assessments.
6. Reporting a vulnerability
If you believe you have found a security issue, please email security@raqeem.app with details. We acknowledge reports within two business days and will keep you informed during triage and remediation.
Questions about this document? Reach our team at hello@raqeem.app and we'll respond within two business days.