Your data is yours.

We built Tayloz with one principle: never see what we don't need to see.Here's exactly how we protect your tenant data, your customers, and your business.

Strict tenant isolation

Every database query is auto-scoped to your tenant_id via our TenantScopedDB middleware. No route — not even an internal one — can leak data across tenants.

Support access requires your opt-in

Platform support can only access your account when you explicitly grant a 24-hour window from Admin → Security. No backdoor, no shadow logins.

Read-only by default during support

Even with your grant, support sessions are read-only. Any write requires a second explicit confirmation, all loudly audited.

Transparent audit log

Every platform access event — viewer, reason, duration, write mode — lives in your security log. Download anytime as CSV.

Short-lived tokens

Support tokens expire in 15 minutes. Even mid-session, we re-issue tokens whenever scope changes, so old credentials can't be replayed.

Per-tenant Stripe & SMTP

Your billing, your email config — all tenant-scoped. Platform admins never see your customers' payment methods or PII at rest.

Have a specific security question?

We're transparent about every detail. Just ask.

security@tayloz.com
© 2026 Tayloz. We treat your data the way we want our own treated.