POTAL
Back to Features
🔒

Data Encryption

ActiveSecurityMUSTFREE

What it does

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). API keys are stored as SHA-256 hashes — plaintext keys are never persisted. Database connections use SSL, and backups are encrypted with separate key management.

How to use it

1

Use HTTPS only

All API requests must use HTTPS. HTTP requests are automatically redirected to HTTPS.

2

Verify TLS

POTAL enforces TLS 1.2+ on all connections. Check your client supports modern TLS versions.

3

Protect API keys

Store API keys in environment variables or secret managers — never in source code or client-side code.

4

Request data deletion

Under GDPR, request deletion of all stored data including encrypted backups.

Related Features

🔒Access Control

Granular API key scopes with row-level security enforcement

🔒Security Headers

CSP, HSTS, X-Frame-Options, and OWASP-compliant headers

🛠️Multi-tenant

Full multi-tenancy with row-level security data isolation

🛠️API Key Auth

Secure API key authentication with scope-based permissions

📋GDPR Compliance

Full GDPR compliance with data export and deletion rights

Having issues?

🐛 Report a Bug Ask a Question💡 Suggest Improvement