Trust

Security & privacy at Zevolo

A summary of the controls we apply to keep your workspace data isolated, auditable, and yours.

Workspace isolation

Every record is scoped to a single workspace. Database-level access rules ensure members of one workspace cannot read or modify another workspace's projects, approvals, purchase requests, or budgets.

Role-based access

Sensitive actions — editing projects, approving requests, changing billing — are restricted to members holding the appropriate role (Manager, Director, or Workspace Admin). These checks are enforced server-side; we never trust the client alone.

Audit trail integrity

Approval decisions are stamped with the signed-in approver's identity automatically. The requester, request type, and required-approver role on an approval cannot be edited after it has been created, so the historical record stays trustworthy.

Billing data privacy

Stripe customer identifiers and subscription details are visible only to the Workspace Admin who owns the subscription. Other members see only what they need (current plan tier and seat count).

Authentication

We support email + password and Google sign-in. Passwords are handled by our authentication provider and are never visible to Zevolo. We recommend enabling leaked-password protection in your workspace settings.

Data you control

Workspace Admins can export records and manage member access at any time from the Members & Billing page. Deleting a workspace removes the associated data on request.

Reporting a vulnerability

Please email security@nightingalesoftware.co.uk with the details. We aim to acknowledge reports within two business days.

This page describes practices we implement in the app. It is not a third-party certification and does not imply formal compliance attestation.