The SĪQN Intelligence platform operates on dedicated cloud infrastructure hosted by a US-based infrastructure provider. The platform does not run on shared consumer hosting. All server environments are access-controlled and not publicly accessible except through defined application endpoints.
All traffic between subscribers and the platform is encrypted in transit via TLS. The platform enforces HTTPS on all routes and does not serve content over unencrypted HTTP connections.
Subscriber data — including account information, filter preferences, and behavioral event data — is stored in a self-hosted relational database on private infrastructure. The database is not publicly accessible and is reachable only from the application layer over a local network interface.
Sensitive credentials and API keys are stored as environment variables and are never embedded in application source code or version control.
Subscriber authentication is token-based. Access tokens are issued at login and validated on each authenticated request. Tokens are stored in the subscriber's browser and transmitted via secure HTTP headers.
Administrative platform functions are gated behind a separate owner-only access mechanism and are not accessible to subscriber accounts. There is no multi-tenant access mixing between subscriber sessions.
Intelligence briefs and platform notifications are delivered through a dedicated transactional email provider operating on an authenticated sending domain. The platform's sending domain is configured with SPF, DKIM, and DMARC records to reduce the risk of email spoofing or impersonation.
SĪQN Intelligence will never send emails requesting your password, payment credentials, or any sensitive personal information. If you receive a suspicious email purporting to be from SĪQN Intelligence, do not click any links and report it to security@siqncorp.com.
The platform integrates with a limited set of third-party services necessary for operation, including an AI content generation provider and a transactional email provider. All third-party integrations are implemented through abstracted service classes, allowing providers to be replaced without changes to core application logic.
Third-party providers do not receive direct database access and receive only the minimum data necessary to perform their specific function.
The platform operates continuous health monitoring with automated alerting for service interruptions, harvest failures, and anomalous conditions. Harvest operations run on a defined daily schedule with watchdog processes that detect and alert on missed or failed runs.
The Company targets high availability for subscriber-facing services but does not guarantee specific uptime SLAs at current service tiers. Planned maintenance will be communicated to subscribers in advance where possible.
The platform codebase and dependencies are reviewed periodically for known vulnerabilities. The Company applies security patches to infrastructure and dependencies on a regular basis. No automated public vulnerability disclosure program currently exists, but security reports submitted to the contact address below are reviewed and addressed promptly.
In the event of a confirmed security incident affecting subscriber data, the Company will:
The Company does not commit to specific notification timelines beyond what is required by applicable law, which varies by jurisdiction and incident type.
Subscribers are responsible for maintaining the security of their account credentials and access tokens. You should not share your account access with unauthorized individuals. If you believe your account has been compromised, contact us immediately at security@siqncorp.com so access can be revoked and reissued.
Security-related questions or reports may be directed to: security@siqncorp.com