Security & Trust
UAB APP FOREST · Version 1.0 · Last updated
Draft — effective at launch, last updated . UAB APP FOREST is in formation. This policy is published for transparency and takes legal effect once the company is incorporated and its registration details are completed.
This page explains how Foresttasks protects your data and your trust. We describe what we actually do — and, just as importantly, what we do not yet claim. Security is a property of the whole system, so the controls below run from the database up to the network edge.
Security philosophy
We own the whole stack rather than stitching together opaque third-party platforms. Owning the database, the application, and the deployment keeps the feedback honest and the attack surface small: when something breaks, it is ours to understand and fix. Our default is privacy by architecture — the safest data is the data we never collect, and the safest secret is one we cannot read.
Data protection
- Encryption in transit. All traffic to and from Foresttasks is served over TLS (HTTPS). Plaintext connections are not accepted.
- Encryption at rest for secrets. Sensitive secrets — including your bring-your-own-AI provider keys and integration credentials — are encrypted at rest with AES-256-GCM, scoped per organisation. Each organisation’s secrets are sealed separately.
- Primary data in PostgreSQL, hosted in the EU. Your tasks, projects, and activity live in a PostgreSQL database hosted in the European Union.
Access control & tenancy
Scoped API keys
Programmatic access uses API keys that carry explicit scopes (read, write, delete). A key only grants what it is scoped for, so you can issue narrow, purpose-built credentials instead of all-or-nothing access.
Agents as least-privilege principals
Agents are first-class principals, not shared logins. Each agent gets its own least-privilege scopes and an optional project allow-list, so an agent can be confined to exactly the projects and actions it needs.
Organisation isolation
Every record is bound to its organisation, and access is enforced against the authenticated principal’s organisation on every request. Data does not cross organisation boundaries.
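The three checks described in this section (organisation isolation, scopes, and the optional project allow-list) can be combined into one deny-by-default decision. The sketch below is an added illustration, not Foresttasks code; the class names, field names, and sample principals are hypothetical.

```python
from dataclasses import dataclass
from typing import FrozenSet, Optional, Tuple

SCOPES = frozenset({"read", "write", "delete"})  # the scopes named on this page


@dataclass(frozen=True)
class Principal:
    """Authenticated caller (API key or agent). Field names are hypothetical."""
    principal_id: str
    org_id: str
    scopes: FrozenSet[str]
    project_allow_list: Optional[FrozenSet[str]] = None  # None = no project limit


@dataclass(frozen=True)
class Record:
    record_id: str
    org_id: str
    project_id: str


def authorize(principal: Principal, action: str, record: Record) -> Tuple[bool, str]:
    """Deny by default: every check must pass on every request."""
    if action not in SCOPES:
        return False, "unknown action"
    # 1. Organisation isolation: compare the record's organisation with the
    #    authenticated principal's, never with an id taken from the request.
    if record.org_id != principal.org_id:
        return False, "cross-organisation access"
    # 2. Scope: a key grants only what it is scoped for (write does not imply delete).
    if action not in principal.scopes:
        return False, "missing scope"
    # 3. Optional allow-list: confine an agent to the projects it needs.
    allowed = principal.project_allow_list
    if allowed is not None and record.project_id not in allowed:
        return False, "project not in allow-list"
    return True, "ok"


# Constructed sample principals for illustration.
AGENT = Principal("agent-1", "org-a", frozenset({"read", "write"}), frozenset({"proj-1"}))
KEY = Principal("key-1", "org-a", frozenset({"read"}))
```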
Auditability
Foresttasks records who did what. Verification evidence is written to an append-only, tamper-evident provenance spine: entries cannot be edited or quietly deleted after the fact, and the actor on each entry is derived from the authenticated server-side principal rather than self-reported by the client. Alongside it, a broader activity timeline captures claims, status changes, comments, and links so you can reconstruct the history of any item.
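One common way to make an append-only log tamper-evident is to chain each entry to the hash of the previous one. The sketch below is an added example, not Foresttasks code: this page does not state how the provenance spine is built, so the hash chain, SHA-256, the field names, and the sample events are all assumptions.

```python
import hashlib
import json
from typing import List, Optional

GENESIS = "0" * 64  # assumed starting value for the first entry's "prev"


def _digest(prev: str, seq: int, actor: str, event: dict) -> str:
    # Canonical JSON so the same entry always hashes to the same value.
    body = json.dumps({"prev": prev, "seq": seq, "actor": actor, "event": event},
                      sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(body.encode("utf-8")).hexdigest()


def append(log: List[dict], session_principal: str, event: dict) -> dict:
    """Append an entry. The actor is the server-side authenticated principal;
    any 'actor' field supplied by the client in the event is discarded."""
    event = {k: v for k, v in event.items() if k != "actor"}
    prev = log[-1]["hash"] if log else GENESIS
    seq = len(log)
    entry = {"seq": seq, "actor": session_principal, "event": event,
             "prev": prev, "hash": _digest(prev, seq, session_principal, event)}
    log.append(entry)
    return entry


def verify(log: List[dict], expected_head: Optional[str] = None) -> Optional[int]:
    """Return None if the chain is intact, else the index of the first bad entry.
    expected_head is the latest hash kept outside the log; it detects a
    truncated tail, which the chain alone cannot."""
    prev = GENESIS
    for i, e in enumerate(log):
        ok = (e["seq"] == i and e["prev"] == prev
              and e["hash"] == _digest(prev, i, e["actor"], e["event"]))
        if not ok:
            return i
        prev = e["hash"]
    if expected_head is not None and prev != expected_head:
        return len(log)
    return None


def demo() -> List[dict]:
    """Constructed sample log; the first event carries a spoofed client 'actor'."""
    log: List[dict] = []
    append(log, "agent-7", {"type": "verification", "item": "T-1", "actor": "admin"})
    append(log, "user-3", {"type": "verification", "item": "T-2"})
    append(log, "agent-7", {"type": "verification", "item": "T-3"})
    return log
```

An edited or removed entry breaks the chain at that index, while a silently dropped tail is only visible when the head hash is checked against a copy stored elsewhere.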
Application & network security
- Edge protection. Cloudflare fronts the service for DNS, CDN, and web-application-firewall (WAF) filtering, absorbing common attacks before they reach the application.
- Signed outbound webhooks. Outbound webhook deliveries are HMAC-signed so your endpoints can verify that a payload genuinely came from us and was not tampered with in transit.
- Hardened public endpoints. Public-facing endpoints are rate-limited and protected with honeypot measures to deter abuse and automated probing.
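A receiving endpoint checks an HMAC-signed delivery by recomputing the MAC over the raw request body and comparing in constant time before parsing anything. This is an added example, not Foresttasks code: this page does not state the hash function, the signature encoding, or how the signature is delivered, so HMAC-SHA256 with a hex-encoded signature is assumed and the secret and payload are constructed.

```python
import hashlib
import hmac
import json
from typing import Optional

# Constructed sample values for illustration only.
SECRET = b"constructed-test-secret"
BODY = b'{"event": "task.updated", "id": 42}'


def sign(secret: bytes, raw_body: bytes) -> str:
    """Sender side: hex HMAC-SHA256 over the exact bytes sent on the wire."""
    return hmac.new(secret, raw_body, hashlib.sha256).hexdigest()


def verify_webhook(secret: bytes, raw_body: bytes, signature_hex: str) -> Optional[dict]:
    """Receiver side: return the parsed payload only if the signature matches.

    The MAC is checked over the raw bytes as received, before JSON parsing.
    Verifying a re-serialised copy fails, because whitespace and key order
    may differ from what the sender signed.
    """
    if not isinstance(signature_hex, str):
        return None
    expected = sign(secret, raw_body).encode("ascii")
    supplied = signature_hex.strip().lower().encode("utf-8")
    # compare_digest avoids leaking how many leading characters matched.
    if not hmac.compare_digest(expected, supplied):
        return None
    return json.loads(raw_body)


def reserialise(raw_body: bytes) -> bytes:
    """Parse and re-encode the body, as a framework might do before the handler runs."""
    return json.dumps(json.loads(raw_body), separators=(",", ":")).encode("utf-8")
```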
Privacy by design
- No third-party analytics or tracking. We run no third-party analytics, advertising, tracking, or behavioural telemetry. We do not build profiles of you and we do not sell data.
- Essential cookies only. We set only the cookies strictly necessary to run the service (such as keeping you signed in) — which is why there is no consent banner. See our Cookie Policy.
- Bring-your-own-key AI. AI features use your own provider key, so your task data is sent to the provider you choose under your account — not pooled into a shared model we operate.
Hosting & data residency
Foresttasks is self-hosted on infrastructure in a single European Union region. Your primary data is not scattered across a patchwork of third-party clouds; it lives in one place we control, within the EU. The third parties that may process limited data on our behalf — and exactly what each receives — are listed in our Sub-processors page.
Reliability
Database schema changes are applied through boot-time migrations that must succeed before the application will serve traffic, so a half-applied schema does not go live. We take routine backups of the primary database. We describe this plainly and do not promise a specific uptime figure or recovery objective beyond what is stated in your agreement.
Responsible disclosure
If you believe you have found a security vulnerability, please report it to security@foresttasks.app. We will investigate every good-faith report and respond. We ask that you give us a reasonable opportunity to investigate and remediate before disclosing the issue publicly, and that you avoid privacy violations, data destruction, or service disruption while testing. We will not pursue good-faith researchers who follow this policy.
What we don’t claim yet
We would rather be trusted than impressive. Foresttasks does not currently hold formal third-party security certifications such as SOC 2 or ISO 27001, and we do not imply otherwise. The controls described above are what we genuinely operate today; if and when we pursue formal attestations, we will say so here explicitly.
Related documents
- Privacy Policy — what personal data we process and your rights.
- Data Processing Agreement — Article 28 terms for customers acting as data controllers.
- Sub-processors — the third parties that may process data on our behalf.