Security
How we keep your data safe.
Protecting athlete and organisation data is core to everything we build. Security is designed into the platform, not bolted on afterwards.
Our practices
- Encryption in transit (TLS) and at rest for all stored data.
- Strict tenant isolation — every record is scoped to its organisation.
- Role-based access control so users only see what their role permits.
- Signed, HTTP-only session cookies to protect authentication.
- Continuous monitoring and regular dependency updates.
Reporting a vulnerability
If you believe you've found a security issue, please email security@sprtiq.com. We take all reports seriously and will acknowledge your message promptly.