Trust Center

Start your security review
View & download sensitive information
Ask for information
Search items

Formal is a technology company with the mission of helping companies have zero-data breaches.

We build a security and governance layer for enterprises' data stores such as Postgres, s3, Kafka, and more.

Our experience from working closely with companies with sensitive data in industries like fintech and health tech made us realize that most CSOs, DPOs and CTOs) does not have visibility to how data is produced, used, and consumed. This is the leading cause of data breaches, lack of control, and unmet regulatory requirements.

Therefore, Formal is a solution to bring data observability and governance to any company and abstract the technical complexity of such monitoring to decrease their data breach and compliance burden.

Security Overview:

  • Data encrypted at rest and in transit. We use AWS RDS to manage our Postgres database. Our data is encrypted at rest and in transit with the industry-standard AES-256 encryption algorithm.
  • Data Durability. All database data is backed up automatically once a day. That data is stored in 3 availability zones for data redundancy.
  • Secrets, passwords, and API Keys are securely stored and encrypted thanks to AWS Secret Manager. All secrets are rotated once a month.

We adhere to industry best practices and we are working towards compliance certifications.

Start your security review
View & download sensitive information
Ask for information


Backup Policy

We follow industry best practices for endpoint security. We are happy to provide more details about our endpoint security practices upon request.

We implement internal measures and practices to maintain a high standard of security.

Powered bySafeBase Logo