Our foundation.
Security. Privacy.
Your trust is our foundation.
We protect your data with enterprise-grade security and unwavering compliance.
Built for security
Every layer of MasterAlp is designed to protect your data and respect your privacy.
Encryption in transit & at rest
TLS 1.2+ for every request; data at rest encrypted by the underlying managed database and object storage.
Role-based access
Students, professors, and admins each see only the data their role and enrollment grant — enforced server-side on every request.
Managed cloud infrastructure
Runs on Google Cloud Run + Supabase Postgres. No data stored on developer laptops or self-managed servers.
Audit & error monitoring
Auth events, admin actions, and runtime errors are logged and monitored via Sentry and structured logs.
Where we are on compliance
MasterAlp is an early-stage product running its first institutional pilots. We list the standards we're aligned with today and the audits we're working toward — we don't claim certifications we haven't earned.
FERPA-aligned
Built with FERPA principles for student educational records.
GDPR-aware
Data export and deletion endpoints available to every user.
SOC 2
Not yet audited — designing controls toward Type I readiness.
ISO 27001
Not currently certified.
Your data. Your rights.
We never sell your data. You own your data, and you can export or delete it anytime.
Read our Privacy PolicyExport your data as JSON or CSV
Delete your data at any time
No AI training on your data
Questions about security?
Our team is happy to share our detailed security documentation and compliance reports.
Talk to our team