Security & Compliance

AnyMK handles workspace, field workflow, account, report, and media data. Security is treated as an active product responsibility across the mobile app, web workspace, and backend services.

We use standard encryption controls to protect data in transit and at rest:

• In Transit: application traffic is served over HTTPS/TLS.
• At Rest: production storage is managed through cloud and database providers with encryption controls.
• Mobile: sensitive mobile session material is stored using platform secure storage where available.

Our infrastructure uses managed services and application controls appropriate for the current product:

• Managed hosting and database infrastructure
• Security patching and dependency updates as part of maintenance
• Network isolation and firewall protection
• Rate limiting and request validation where appropriate

We implement access controls to keep workspace data scoped to authorized users:

• Account sign-in for web and mobile users
• Tenant-scoped workspace access and membership checks
• Role and permission controls inside the admin workspace
• Separate access paths for invited users and platform administrators

Our development practices prioritize secure handling of workspace data:

• Code review for authentication, billing, sync, and tenant access changes
• Automated build and type checks before release
• Input validation and sanitization
• Server-side validation for mobile and web API requests

AnyMK does not currently publish formal third-party compliance certifications. We describe supported product controls clearly and avoid claiming certifications that are not in place.

• Privacy policy and account deletion information are available on the public site.
• Tenant separation is part of the workspace architecture.
• Security and compliance requirements for enterprise customers should be discussed before deployment.

We respect privacy and keep data handling tied to product functionality:

• Tenant-scoped workspace data
• Account deletion flow for supported account data
• Transparent data processing practices
• No selling of customer data

We respond to security events through defined maintenance and communication practices:

• Issue triage for authentication, tenant access, billing, and data integrity risks
• Remediation and patch releases when needed
• Customer communication when an incident materially affects workspace data or access

AnyMK uses third-party services for infrastructure, app distribution, and payment processing. Those services are selected and configured to support the product's operational requirements.

• Apple App Store for iOS distribution and iOS In-App Purchase
• Google Play for Android distribution
• Managed hosting, database, and storage providers

If you discover a security vulnerability, please report it to us immediately:

Please use the contact page and include enough detail for us to reproduce and assess the issue.

We appreciate responsible disclosure and will work with you to address any legitimate security concerns.

We update this page when public security practices materially change. For questions about security requirements for a workspace, please use the contact page.