Security is not an afterthought.
It is our foundation.
Your clients trust you with sensitive documents. We take that responsibility seriously. From encryption to automatic expiration, every feature is designed with security first.
Built-in Security Features
Every document that passes through Gathery is protected by multiple layers of security.
Encryption in Transit & At Rest
Files are protected in transit using TLS 1.3 and stored on encrypted infrastructure at rest.
Virus Scanning
Every uploaded file is automatically scanned for malware before it becomes accessible. Infected files are quarantined and never reach your team.
Automatic File Expiration
Files are automatically deleted after your configured retention period. No sensitive documents lingering forever in the cloud.
Secure Authentication
Password hashing with Argon2id protects account credentials. SSO integration is a planned enterprise feature.
No Client Accounts Required
Clients access portals via secure, unguessable links. No passwords to remember, no accounts to compromise.
Role-Based Access Control
Granular role-based permissions are a planned enterprise feature.
Enterprise Infrastructure
Our infrastructure is built on the same foundations trusted by Fortune 500 companies. We do not cut corners when it comes to protecting your data.
Hosted on enterprise-grade cloud infrastructure with a 99.9% uptime target for Gathery-managed services, excluding third-party platform and network outages. Automatic failover and redundancy built in.
Data stored in secure, SOC 2 certified data centers. Enterprise customers can choose their preferred region.
When files expire or are deleted, they are permanently removed from all storage systems. No recoverable traces left behind.
DDoS protection, WAF, and intrusion detection systems protect against attacks.
Our Security Practices
Security is not just technology. It is process, training, and culture.
We maintain a responsible disclosure program for security researchers to report vulnerabilities.
All employees complete security awareness training and follow strict data handling procedures.
Documented incident response procedures with defined escalation paths and communication protocols.
Audit logs track uploads, downloads, deletes, and related owner-side actions, retained for compliance purposes.
Internal access to production systems is strictly limited to essential personnel only.
Found a Security Issue?
We take security reports seriously. If you have discovered a vulnerability in our systems, we want to hear about it. We follow responsible disclosure practices and work quickly to understand and resolve issues.
Ready to collect documents securely?
Join professionals who trust Gathery with sensitive client documents.