Security & Trust

Security is the product.

We ask customers to trust us with their compliance data, so we hold ourselves to the standards we help you meet. Here's how we protect your information.

Encryption everywhere

Data is encrypted in transit (TLS) and at rest. Secrets and keys are managed, rotated and access-controlled.

Least-privilege access

Role-based access, MFA and audit logging. People and services get only the access they need, and nothing more.

India data residency

Built India-first, with data residency options aligned to DPDP and sector requirements for regulated customers.

Monitoring & response

Continuous logging and monitoring, with a documented incident-response plan aligned to CERT-In timelines.

Vendor governance

Our own subprocessors are assessed and governed to the same standards we help customers apply to theirs.

DPDP-aligned by design

Consent, data-principal rights and retention are built into how we handle your data - we practise what we build.

Our posture

Working toward the standards we help you reach.

As an early-stage company, we're transparent about where we are.

In progress

ISO 27001

Building our ISMS toward certification, using Niyam itself to manage the controls and evidence.

In progress

SOC 2

Establishing continuous controls and evidence collection ahead of a Type II examination.

Live

DPDP alignment

Consent, notice, DSAR and breach processes operate on our own platform today.

Security questions or need our latest documentation? Email sales.niyam@flickerbytes.com.

Have a security question?

Our team is happy to walk through our controls, subprocessors and data handling.