Security at Every Layer

Business sale documents contain some of the most sensitive financial and legal information. SettleGate is built from the ground up to protect it.

Encryption

  • AES-256 encryption for all data at rest
  • TLS 1.3 encryption for all data in transit
  • Encrypted database connections with connection pooling
  • Secure presigned URLs for document access with automatic expiry

Australian Data Residency

  • All data stored in AWS Sydney region (ap-southeast-2)
  • PostgreSQL database hosted on Australian infrastructure
  • S3 document storage in Australian data centres
  • Your data never leaves Australian jurisdiction

Access Controls

  • Role-based access: broker, vendor, buyer, accountant, lawyer
  • Granular per-participant permissions (view docs, upload, settlement, messaging)
  • Organisation-level user management with admin/broker/support roles
  • Workspace-level participant management with invite/revoke controls
  • Access revocation takes effect immediately across all sessions

Audit Trail

  • Every action logged with timestamp, user ID, and action type
  • Document download logging with IP address tracking
  • Settlement worksheet change history
  • Organisation-wide and workspace-level activity feeds
  • Immutable audit records for compliance reporting

Document Security

  • Four-tier visibility controls: all parties, broker-vendor, broker-buyer, broker-only
  • Automatic PDF watermarking with participant name and timestamp
  • Presigned download URLs with configurable expiry
  • Document version tracking — every upload creates a new version
  • Download count tracking for compliance auditing

Authentication & Identity

  • Clerk-powered authentication with MFA support
  • Email-verified invitations for all workspace participants
  • Identity document upload and verification for vendors and buyers
  • Organisation-based multi-tenancy with strict data isolation
  • Session management with automatic timeout

Compliance

  • Built to SOC 2 Type II standards
  • Data retention policies configurable per organisation
  • Automatic workspace archival after configurable periods
  • Settlement completion records with digital seal hashes
  • Ready for Australian Privacy Principles (APP) compliance

Infrastructure

  • Deployed on Vercel with automatic scaling
  • Database hosted on managed PostgreSQL with daily backups
  • CDN-delivered static assets for performance
  • Real-time updates via Pusher with graceful degradation
  • Zero-downtime deployments with preview environments

Questions about security?

We're happy to discuss our security practices in detail. Register your interest and we'll schedule a call.
