Security at SHIFT

Your client data and financial records deserve the same security standards used by banks and healthcare systems. Here is how SHIFT protects them.

Last updated: April 13, 2026

Payment Security

Client payment data never touches SHIFT's servers. All card data is processed directly by Stripe, which is PCI-DSS Level 1 certified — the highest level of payment security certification. SHIFT does not store card numbers, CVVs, or bank account details.

Infrastructure

SHIFT runs on Google Cloud Platform (GCP) in US data centers. Data is encrypted in transit via TLS 1.2+ and at rest via AES-256. Firebase Authentication handles identity with industry-standard protocols. Cloud SQL PostgreSQL instances run in private VPCs with automated backups.

Tenant Isolation

Every business on SHIFT operates in a fully isolated tenant boundary. Data isolation is enforced at three layers: database (row-level security policies), API (tenant-scoped authentication tokens), and application (runtime context validation). No business can access another business's data.

Access Controls

Role-based access control ensures providers see only their own data and owners see their entire business. All API endpoints require authentication. Administrative access to production systems requires multi-factor authentication and is logged for audit.

How does SHIFT ensure financial data integrity?

SHIFT's financial ledger uses PostgreSQL with immutability triggers that reject any modification of financial records after they are written. Every transaction is recorded as a double-entry journal entry with debits and credits that must balance. This is the same accounting standard used by banks and regulated financial institutions.
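The following PostgreSQL sketch shows one way to build the pattern described above: an append-only ledger plus a balance check that runs at commit. It is an added example, not SHIFT's own schema or code; every table, column, function and trigger name is an assumption, and it requires PostgreSQL 11 or later.

```sql
-- Added example (hypothetical schema): amounts are integer cents to avoid rounding.
CREATE TABLE journal_entries (
    id        bigserial   PRIMARY KEY,
    tenant_id uuid        NOT NULL,
    posted_at timestamptz NOT NULL DEFAULT now()
);
CREATE TABLE journal_lines (
    id           bigserial PRIMARY KEY,
    entry_id     bigint NOT NULL REFERENCES journal_entries (id),
    account      text   NOT NULL,
    debit_cents  bigint NOT NULL DEFAULT 0 CHECK (debit_cents  >= 0),
    credit_cents bigint NOT NULL DEFAULT 0 CHECK (credit_cents >= 0),
    CHECK ((debit_cents > 0) <> (credit_cents > 0))  -- a debit or a credit, never both
);

-- Immutability: row triggers do not fire on TRUNCATE, so it needs its own trigger.
CREATE FUNCTION ledger_reject_change() RETURNS trigger
LANGUAGE plpgsql AS $$
BEGIN
    RAISE EXCEPTION 'ledger is append-only: % on % rejected', TG_OP, TG_TABLE_NAME;
END $$;

CREATE TRIGGER journal_entries_immutable BEFORE UPDATE OR DELETE ON journal_entries
    FOR EACH ROW EXECUTE FUNCTION ledger_reject_change();
CREATE TRIGGER journal_entries_no_truncate BEFORE TRUNCATE ON journal_entries
    FOR EACH STATEMENT EXECUTE FUNCTION ledger_reject_change();
CREATE TRIGGER journal_lines_immutable BEFORE UPDATE OR DELETE ON journal_lines
    FOR EACH ROW EXECUTE FUNCTION ledger_reject_change();
CREATE TRIGGER journal_lines_no_truncate BEFORE TRUNCATE ON journal_lines
    FOR EACH STATEMENT EXECUTE FUNCTION ledger_reject_change();

-- Double entry: checked at COMMIT so all lines of an entry can be inserted first.
CREATE FUNCTION ledger_check_balanced() RETURNS trigger
LANGUAGE plpgsql AS $$
DECLARE diff bigint;
BEGIN
    SELECT COALESCE(SUM(debit_cents), 0) - COALESCE(SUM(credit_cents), 0) INTO diff
    FROM journal_lines WHERE entry_id = NEW.entry_id;
    IF diff <> 0 THEN
        RAISE EXCEPTION 'journal entry % is out of balance by % cents', NEW.entry_id, diff;
    END IF;
    RETURN NULL;  -- return value of an AFTER trigger is ignored
END $$;

CREATE CONSTRAINT TRIGGER journal_lines_balanced
    AFTER INSERT ON journal_lines
    DEFERRABLE INITIALLY DEFERRED
    FOR EACH ROW EXECUTE FUNCTION ledger_check_balanced();
```

Triggers like these bind ordinary roles only: a superuser or the table owner can run `ALTER TABLE ... DISABLE TRIGGER`, so the application role should not own the tables and should hold only `INSERT` and `SELECT` on them. The balance check also permits a later balanced pair of lines to be appended to an old entry, which a stricter design would forbid.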

Nightly reconciliation jobs verify that the internal ledger and Stripe agree to the penny. Any discrepancy triggers an alert. Monthly financial statements are generated from the ledger, providing auditable, tax-ready records that your accountant can trust.

How is SHIFT protected against attacks?

SHIFT uses Cloudflare for DDoS protection and CDN delivery. Cloudflare Turnstile provides bot protection on public-facing forms without CAPTCHAs. Rate limiting is applied at both the CDN edge and application layer to prevent abuse.

Application-level security includes input validation on all endpoints, parameterized database queries to prevent SQL injection, Content Security Policy headers, and automated dependency vulnerability scanning. Error tracking via Sentry ensures issues are detected and resolved quickly.

What is SHIFT's data retention policy?

Account data is retained for 90 days after account deletion to allow for reactivation. Financial records are retained for 7 years to comply with tax reporting requirements. Clients can request deletion of their personal data at any time via their provider.

SHIFT supports CCPA and GDPR data subject requests. Business owners can export all their data in CSV format at any time. Deletion requests are processed within 30 days.

Questions about security?

Contact us at support@goingshift.com for security-related inquiries.
