Trust & Security
Last Updated: May 14, 2026
POG ERP is built and operated by a small US-based team. We take security seriously because your business depends on it. This page summarizes how we protect your data, who we share it with, and how to reach us with questions.
Where your data lives
Customer data is hosted in Oracle Cloud Infrastructure, US-East region (Ashburn, Virginia). Data does not leave the United States in normal operation. Static assets and DNS are served through Cloudflare's global edge network.
Encryption
- In transit: TLS 1.3 enforced for all customer connections (HTTPS only, HSTS enabled).
- At rest: Database volumes and backups are encrypted with AES-256. Sensitive application secrets use Fernet symmetric encryption.
Authentication & access
- Email + password authentication with bcrypt password hashing (industry-standard cost factor).
- TOTP-based two-factor authentication available for all accounts.
- Server-side session management with rotation on privilege changes.
- Role-based access controls inside the application.
- SSH access to the production server is key-based only; password authentication is disabled.
Sub-processors
POG ERP uses the following sub-processors to provide the Service. We notify customers of material changes to this list.
| Sub-Processor | Purpose | Location |
| --- | --- | --- |
| Oracle Cloud | Infrastructure hosting, database, storage | United States |
| Cloudflare | CDN, DNS, edge security | Global |
| Stripe | Payment processing and billing | United States |
| Wisetack | Customer financing offers | United States |
| Twilio | SMS messaging (A2P 10DLC) | United States |
| Telnyx | Voice and SMS infrastructure | United States |
| Vonage | Voice messaging fallback | United States |
| Deepgram | Voicemail transcription | United States |
| Google (Gemini) | AI follow-up generation | United States |
| Groq | AI inference fallback | United States |
| Sentry | Error monitoring and alerting | United States |
| OpenStreetMap (Nominatim) | Address geocoding | Global |
| GitHub | Source control and deploy pipeline | United States |
Backups & disaster recovery
- Automated daily database backups at 02:00 UTC.
- Off-site backup copies, encrypted before transit.
- Restore procedure is documented and tested at least every 6 weeks.
- Recovery Time Objective (RTO): 4 hours.
- Recovery Point Objective (RPO): 24 hours.
Monitoring & reliability
- Sentry application error tracking with on-call alerts.
- Healthcheck cron runs every 5 minutes with auto-recovery on failure.
- External uptime monitoring with status alerts.
- Weekly SSL certificate expiry check.
- Maintenance mode for planned changes that require write downtime.
Compliance
- TCPA — SMS consent, opt-out keywords (STOP/UNSUBSCRIBE/CANCEL/QUIT/END), quiet hours, and send-rate limits enforced server-side.
- CAN-SPAM — physical address and one-click unsubscribe on all marketing email.
- Maryland two-party consent — recorded voice calls disclose recording and obtain consent before retention.
- A2P 10DLC brand and campaign registered for SMS sending.
Application security
- Content Security Policy (CSP) with per-request nonces; no inline scripts.
- CSRF tokens on all state-changing requests.
- Rate limiting on authentication and public endpoints.
- Webhook signature validation for Stripe, Twilio, Telnyx, and other inbound webhooks.
- Parameterized SQL throughout the application (no string-built queries).
- Dependency vulnerability scanning (pip-audit) in CI on every change to the requirements lockfile.
Incident response
We follow a documented incident playbook. Confirmed security incidents affecting customer data are reported to affected customers without undue delay and within 72 hours of confirmation, in line with our Data Processing Agreement.
Reporting a vulnerability
If you believe you've found a security issue, please email management@potomacops.com with details. We'll acknowledge receipt within 2 business days. Please do not publicly disclose until we've had a chance to investigate and remediate.