Security at TeamMaven

Last updated: July 1, 2025

Built for trust. Backed by strong defaults.

We take the security of your data seriously, and we’ve made key design choices to keep your information safe, compliant, and in your control.

Hosting & Infrastructure

  • TeamMaven is hosted on Microsoft Azure, with all infrastructure and data located in European data centers, fully aligned with GDPR requirements.
  • The platform is built on a multi-tenant architecture, with each customer’s data logically separated using strict organisation IDs across all operations.
  • All data is encrypted at rest using Transparent Data Encryption (TDE) with AES-256, and encrypted in transit using TLS 1.3.

Access Control & Permissions

  • TeamMaven uses role-based access control (RBAC). Admins have full access to setup and reporting; team members have limited access to their own data and assigned responsibilities.
  • Internally, access to customer data is restricted and changes are tracked via CreatedBy and ModifiedBy fields on all records.

Authentication & Account Security

  • We support Multi-Factor Authentication (MFA) across all accounts.
  • Passwords are securely stored using salted hashing, and we enforce a minimum password length.
  • Additional security policies (e.g. password entropy or rotation) are being rolled out progressively.

Backups & Availability

  • We use Azure SQL’s automated backup system, with:
    • Point-in-time restore (PITR) available for up to 35 days
    • Differential backups every 12 hours
  • We monitor the platform using Azure’s infrastructure tools and live error logging, critical issues are surfaced immediately to our technical team for rapid response.

GDPR & Compliance

  • All customer data is stored exclusively in the EU.
  • We offer a standard Data Processing Agreement (DPA) on request and are happy to review customer-supplied agreements as part of onboarding.
  • Customers can request data deletion or export at any time, and we’ll process it quickly and transparently.

Subprocessors

  • We work with a small number of trusted vendors to support operations such as email delivery and hosting.
  • Each vendor is manually reviewed before onboarding.
  • See our sub-processor list.

Incident Response

  • We monitor the platform in real time using Azure tools and direct error logging into internal alerting systems.
  • While we don’t yet have a formal incident response document, we operate as a focused team committed to rapid triage and resolution. When something goes wrong, we know about it and we fix it fast.

Questions?

Need a completed security questionnaire or more details for your IT team? We’re happy to provide them.

Contact info@teammaven.io for more detailed questions.

TeamMaven
About usContact UsPricingBlogSign In
Platform
Performance ReviewsRole ExpectationsGoals & AlignmentRecognition & CultureReporting & Admin
Support
Knowledge HubPrivacy PolicyTerms of UseSub-ProcessorsSecurity
Follow us

Copyright © 2025 TeamMaven. All rights reserved.