Statement of protections
Security & trust — specific, not vague.
Honest and specific beats certified-and-vague. Here is exactly how your equity data is protected — in terms you can verify.
01
Your cap table cannot be silently edited
Saral’s ledger is append-only, enforced by the database itself in three layers: write privileges on the transaction log are revoked (even for our own service role), a trigger refuses UPDATE and DELETE, and every view of your cap table is computed by replaying the log. A mistake is corrected with a reversing entry that stays visible — the way an accounting ledger works, because that is what this is.
We prove this on production, not in a slide: our safety checks attempt to mutate ledger rows with the highest-privilege key and verify they are refused, every time we change infrastructure.
02
Tenant isolation at the database row
Every table carrying company data has Row-Level Security keyed on the company. Your investors see their own position; your employees see their own grants; a diligence viewer sees the folders you granted — enforced by Postgres policies, not just application code. Our test suite includes cross-company proofs: an account with positions in two companies sees both, and sees nothing of a third.
03
Data lives in Mumbai
Databases and file storage run in AWS ap-south-1 (Mumbai). Indian data residency is a design constraint here, not an option we upsell.
04
Backups that have actually been restored
Nightly logical backups, AES-256-encrypted at rest, 30-day retention. The restore path is not theoretical: our recovery drill decrypts a real backup and replays it into a fresh Postgres, verifying tables, row counts and that the append-only protections survived. We run that drill against real dumps, and the scripts live in our repository.
Recovery objectives, stated honestly: up to 24 hours of data loss in the worst case (the nightly cadence), with restoration to a fresh environment in roughly an hour. Point-in-time recovery is on our roadmap as we grow.
05
DPDP posture
CapEasy builds Pramaan — a DPDP compliance product — so India’s data-protection law is not an afterthought here; it is a sibling product’s entire job. Saral collects the minimum personal data the equity workflows need (names, emails, PANs where statute requires them), processes it for those workflows only, and deletes on verified request.
No advertising, no data resale, no lookalike audiences — ever. Our business model is subscription software; you are the customer, not the product.
06
The boundaries we keep on purpose
Saral prepares documents; a practising CS/CA files and certifies. Free calculators are computational illustrations, not advice. Where the law is disputed (Delhi stamp duty, for instance), the product shows both readings and says “take professional advice” instead of guessing. Trust is built by being specific about what we do not do.
Security question we haven't answered here? Write to ayush@capeasy.in — you'll get a specific answer, not a brochure.