Flightcontrol Security & Compliance

Security

Flightcontrol has a deep commitment to data privacy and security in everything we do. We consistently monitor and ensure we meet our security and reliability standards.

Access to your AWS

Flightcontrol securely accesses your account via an IAM AssumeRole access. This role is created using a CloudFormation stack. Our dashboard walks you through this process. Deleting this CloudFormation stack will permanently revoke our access.

Flightcontrol has systems in place to prevent employee access to users' AWS accounts.

Sensitive information

Flightcontrol stores sensitive user information like environment variable secrets inside your AWS account.

Responsible Disclosure

Flightcontrol encourages responsible disclosure of security vulnerabilities. Independent security experts and researchers can report security issues to security@flightcontrol.dev

Security Contact

Contact our Security Officer at security@flightcontrol.dev, and we'll respond as soon as practical.

Compliance

SOC 2 Type II

Flightcontrol is currently in the review period for SOC 2 Type II. We expect to have our first report around October 2024.

HIPAA

Flightcontrol is HIPAA ready. You typically only need a BAA with AWS because Flightcontrol doesn't store or process any of your user data. Reach out if you have questions.

GDPR

Refer to the "European Union and United Kingdom Data Subject Rights" section in our Privacy Policy (opens in a new tab).