Your Data Security is Our Priority
Manufacturers in regulated industries trust Trace Swift with their most sensitive business information—proprietary formulas, production records, supplier relationships, and customer data. We take that responsibility seriously.
Trace Swift is built from the ground up with security in mind. From infrastructure to application design, every decision prioritises the protection and confidentiality of your data.
🔒 Your Formulas Stay Yours
Complete Confidentiality
Your formulations represent years of R&D investment and competitive advantage. They are never shared, analysed, aggregated, or accessed by anyone outside your organisation. Period.
🏛️ Enterprise Infrastructure
AWS Cloud Platform
Trace Swift runs on Amazon Web Services, the same infrastructure trusted by pharmaceutical companies, financial institutions, and government agencies worldwide.
🇪🇺 EU Data Residency
GDPR Compliant
Your data is stored in the AWS EU West (Ireland) region. It never leaves European borders, ensuring compliance with GDPR and other EU data protection requirements.
✓ Regulatory Ready
Audit Support
Our security practices support the documentation and data integrity requirements of FDA, EU GMP, BRC, ISO, and other regulatory frameworks your business operates under.
Infrastructure Security
Trace Swift is hosted entirely on Amazon Web Services (AWS), leveraging their world-class security infrastructure and compliance certifications.
AWS Security Foundation
✓ SOC 2 Certified Infrastructure
AWS maintains SOC 1, SOC 2, and SOC 3 certifications, with regular third-party audits verifying security controls for data centres and services.
✓ ISO 27001 Certified
AWS infrastructure is certified to ISO 27001, the international standard for information security management systems.
✓ Physical Security
AWS data centres feature 24/7 security staff, biometric access controls, video surveillance, and multiple layers of physical security.
✓ Network Security
DDoS protection, firewalls, and network isolation protect against external threats. All traffic flows through secure, monitored channels.
✓ Redundant Systems
Multiple availability zones ensure high availability and resilience. If one system fails, others take over automatically.
✓ Continuous Monitoring
AWS provides 24/7 monitoring of infrastructure health, security events, and potential threats across all services.
Our AWS Architecture
- Amazon RDS (PostgreSQL): Managed database service with automated patching, encryption, and high availability
- AWS Elastic Beanstalk: Managed application hosting with automatic scaling and health monitoring
- Amazon S3: Secure object storage for documents and files with encryption at rest
- Amazon CloudFront: Global content delivery with DDoS protection and HTTPS enforcement
- AWS Certificate Manager: Automated SSL/TLS certificate management for encrypted connections
- Amazon Route 53: Secure DNS with health checking and failover routing
Multi-Tenant Data Isolation
Trace Swift serves multiple manufacturing businesses on a shared platform. Ensuring complete data isolation between tenants is fundamental to our architecture.
Logical Data Separation
Database Architecture
Every record in Trace Swift is tagged with a tenant identifier. Database queries are automatically scoped to your organisation—it's impossible to accidentally access another tenant's data.
- Tenant-scoped database queries
- Row-level security enforcement
- Automatic tenant context in all operations
- No shared data between organisations
Application-Level Enforcement
Security by Design
Multi-tenancy isn't an afterthought—it's built into every layer of the application. Every API request, every database query, every file access is validated against your tenant context.
- Authentication required for all access
- Authorisation checks on every request
- Tenant validation at API layer
- Isolated file storage per tenant
Data Encryption
Your data is encrypted at every stage—in transit across networks and at rest in storage.
✓ Encryption in Transit
All connections to Trace Swift use TLS 1.2 or higher. Data travelling between your browser and our servers is encrypted and protected from interception.
✓ Encryption at Rest
Database storage is encrypted using AES-256, the same encryption standard used by banks and government agencies. Backups are also encrypted.
✓ HTTPS Everywhere
All Trace Swift traffic is served over HTTPS. HTTP connections are automatically redirected to secure HTTPS connections.
Backup and Recovery
Your production data is critical to your business operations. We implement comprehensive backup procedures to ensure it's never lost.
Automated Daily Backups
Data Protection
Your database is automatically backed up daily with point-in-time recovery capability. Backups are stored in geographically separate locations for disaster resilience.
- Daily automated backups
- Point-in-time recovery
- 35-day backup retention
- Encrypted backup storage
High Availability
Business Continuity
Trace Swift is deployed across multiple availability zones within the AWS EU West region. If one zone experiences issues, traffic automatically routes to healthy systems.
- Multi-AZ database deployment
- Automatic failover
- Load-balanced application servers
- Health monitoring and auto-recovery
Authentication and Access Control
Trace Swift uses Auth0, a leading identity management platform, to handle authentication and authorisation securely.
✓ Secure Authentication
Auth0 provides enterprise-grade authentication with protection against brute force attacks, credential stuffing, and other common threats.
✓ Password Security
Passwords are never stored in plain text. Industry-standard hashing algorithms protect credentials even in the unlikely event of a data breach.
✓ Session Management
Secure session handling with automatic timeout for inactive sessions. JWT tokens ensure authenticated access to all resources.
✓ Role-Based Permissions
Control what each team member can access. Assign roles that determine module access and available actions—production staff can record batches without accessing formulas or pricing.
✓ Separation of Duties
Meet audit requirements for segregated responsibilities. Different users handle goods receipt, production recording, and quality release—with the system enforcing boundaries.
✓ Audit Attribution
Every action is logged with the user who performed it. Complete accountability for who created, modified, or approved records—essential for regulatory compliance.
Payment Security
Trace Swift uses Stripe for all payment processing. We never see, store, or have access to your credit card details.
Stripe Payment Processing
PCI DSS Level 1 Certified
Stripe is a PCI Service Provider Level 1 certified payment processor—the highest level of certification in the payments industry. Your card details are handled entirely by Stripe's secure infrastructure.
- PCI DSS Level 1 compliance
- Card details never touch our servers
- Tokenised payment methods
- Fraud detection and prevention
What We Don't Store
Your Card Security
Trace Swift never stores credit card numbers, CVV codes, or other sensitive payment details. We only receive confirmation of successful payments from Stripe.
- No credit card numbers stored
- No CVV/CVC codes stored
- No bank account details stored
- Subscription managed via Stripe portal
Data Protection and Privacy
We're committed to protecting your privacy and handling your data responsibly.
✓ GDPR Compliant
Trace Swift is fully compliant with the EU General Data Protection Regulation. You have rights to access, correct, and delete your personal data.
✓ Data Ownership
You own your data. Your formulas, production records, and business information belong to you. We're simply custodians providing a service.
✓ No Data Selling
We never sell, share, or monetise your data. Your information is used solely to provide the Trace Swift service to you.
✓ Data Export
Your data belongs to you. If you need an export of your records, contact support and we'll provide your data in a standard format.
✓ Data Deletion
When you cancel your subscription, you can request complete deletion of your data from our systems, including backups.
✓ Transparent Policies
Our Privacy Policy and Terms of Service clearly explain how we handle your data. No hidden clauses.
Proprietary Information Protection
For manufacturers, formulas are crown jewels. We understand this and have built Trace Swift with formula confidentiality as a core principle.
Your Formulas Are Sacred
Complete Confidentiality Commitment
We want to be absolutely clear about how we treat your proprietary information:
- No access: Trace Swift staff do not access your formulas, production data, or business records unless required for support you've requested
- No analysis: We do not analyse, aggregate, or mine your data for insights, trends, or any other purpose
- No sharing: Your data is never shared with third parties, partners, or other customers under any circumstances
- No AI training: Your formulas and production data are never used to train AI models or improve algorithms
- No benchmarking: We do not compare your data against other customers or create industry benchmarks from customer data
Regulatory Compliance Support
Trace Swift's security practices support the requirements of major regulatory frameworks.
FDA 21 CFR Part 11
Electronic Records
Trace Swift provides features supporting Part 11 compliance:
- User authentication and access controls
- Audit trails with timestamps
- Electronic record integrity
- System access logging
EU GMP Annex 11
Computerised Systems
Our system supports Annex 11 requirements:
- Data integrity controls
- Audit trail functionality
- Access management
- Backup and recovery procedures
Operational Security
✓ Regular Updates
We regularly update our systems with security patches and improvements. AWS managed services handle infrastructure patching automatically.
✓ Dependency Management
Third-party libraries and dependencies are monitored for security vulnerabilities and updated promptly when issues are identified.
✓ Secure Development
Security is built into our development process. Code reviews, testing, and security considerations are part of every release.
Frequently Asked Questions
Where is my data stored?
Your data is stored on AWS servers in the EU West (Ireland) region. All data—including backups—remains within the European Union, ensuring GDPR compliance and data sovereignty.
Can Trace Swift staff access my formulas?
No. Our staff do not access customer data as part of normal operations. In rare cases where support requires data access (e.g., troubleshooting a specific issue you've reported), this is done only with your knowledge and is logged.
What happens to my data if I cancel?
You can export your data before cancellation. After cancellation, your data is retained for 30 days in case you change your mind, then permanently deleted. You can request immediate deletion if preferred.
Is Trace Swift SOC 2 certified?
Trace Swift itself is not currently SOC 2 certified. However, we run entirely on AWS infrastructure, which maintains SOC 2 certification, and we follow security best practices aligned with SOC 2 principles.
Can I use Trace Swift for FDA-regulated products?
Trace Swift provides features that support FDA compliance, including audit trails and access controls. However, compliance is ultimately your responsibility based on how you implement and validate the system. We recommend assessing the system against your specific 21 CFR Part 11 requirements.
How do I report a security concern?
If you discover a potential security vulnerability, please contact us immediately at support@traceswift.com. We take all reports seriously and will respond promptly.
Questions About Security?
We're happy to discuss our security practices in more detail. Contact us with any questions about how we protect your data.