Security & Trust

Your construction drawings and site documentation are sensitive materials. Here is a plain-language overview of how FieldFrame is built, where your data lives, and what controls govern access to it.


Where your data lives

All files you upload to FieldFrame -- drawing sets, site photos, and 360 video and image media -- are stored in Cloudflare R2 object storage. R2 is Cloudflare's S3-compatible object storage service, hosted in Cloudflare's global network. Files are served exclusively over HTTPS/TLS, which Cloudflare enforces at the network edge.

The FieldFrame application and its managed PostgreSQL database run on Railway, a managed hosting platform with automatic backups and infrastructure-level security controls. No database content is exposed to the public internet; it is accessible only through the application layer.

All connections between your browser and FieldFrame -- including authentication, API calls, and file access -- travel over TLS-encrypted connections.

Access control

Project membership controls who can view or interact with each project. When you create a project you are its owner; you invite team members explicitly. No one outside your firm's account can access your projects through normal product flows.

FieldFrame 360 share links let you share site walkthroughs selectively:

  • Anyone-with-link -- the recipient needs only the URL. Suitable for open client reviews.
  • Password-protected -- recipients must enter a password to access the content. Passwords are hashed using scrypt before storage; the plaintext password is never written to the database.
  • Share links are revocable at any time by the project owner. Revoking a link immediately invalidates it; anyone who previously accessed it cannot use it again.
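
The three share-link rules above, sketched as an added example (this is not FieldFrame's code). The ShareLink record, the function names, the 16-byte salt, and the scrypt cost parameters are assumptions made for illustration; the page states only that scrypt is used.

```python
import hashlib
import hmac
import os
import secrets
from dataclasses import dataclass
from typing import Optional

# Assumed scrypt cost parameters; the page does not state the values in use.
SCRYPT = dict(n=2**14, r=8, p=1, dklen=32)


@dataclass
class ShareLink:
    """Hypothetical stored record for one share link."""
    token: str                       # unguessable URL component
    salt: Optional[bytes] = None     # None means anyone-with-link
    pw_hash: Optional[bytes] = None  # scrypt output; plaintext is never stored
    revoked: bool = False


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.scrypt(password.encode("utf-8"), salt=salt, **SCRYPT)


def create_link(password: Optional[str] = None) -> ShareLink:
    token = secrets.token_urlsafe(32)
    if password is None:
        return ShareLink(token)
    salt = os.urandom(16)  # fresh random salt per link
    return ShareLink(token, salt, hash_password(password, salt))


def check_access(link: ShareLink, password: Optional[str] = None) -> bool:
    # Revocation is checked first, so a revoked link fails even with
    # the correct password.
    if link.revoked:
        return False
    if link.pw_hash is None:
        return True  # anyone-with-link: the URL alone is sufficient
    if password is None:
        return False
    candidate = hash_password(password, link.salt)
    # Constant-time comparison avoids leaking how many bytes matched.
    return hmac.compare_digest(candidate, link.pw_hash)
```

Because only the salt and the scrypt output are kept, a lost share-link password is handled by issuing a new link or setting a new password, not by recovering the old one.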

Authentication

User accounts are managed through Clerk, a purpose-built authentication platform. Clerk handles credential storage, session management, and optional strong authentication factors. The following controls are available:

  • Password-based sign-in with Clerk's secure credential handling
  • Two-factor authentication (2FA) and passkeys -- available through your account settings
  • Domain-restricted sign-up -- your firm can be configured so that only users with your firm's email domain can register, reducing the risk of unauthorized account creation

FieldFrame never handles your password directly; all credential operations go through Clerk's infrastructure.

How uploads work

When you upload a file, your browser requests a short-lived, pre-signed upload URL directly from FieldFrame's API. Your file is then transferred from your browser straight to Cloudflare R2 over that pre-signed URL -- it does not pass through our application servers as an intermediary. This approach reduces the attack surface for file ingestion and means large files do not sit in transit on shared infrastructure longer than necessary.

We do not sell, license, or share customer content with third parties for advertising, training, or any other purpose outside of providing the service.

Sub-processors

FieldFrame relies on the following third-party infrastructure providers to deliver the service. All four are well-established platforms with their own published security and privacy programs.

Provider     Role
Cloudflare   CDN, DNS, TLS termination, and R2 object storage (files + media)
Railway      Application hosting and managed PostgreSQL database
Clerk        User authentication and identity management
Resend       Transactional email delivery (account notifications)

This list is consistent with the sub-processors identified in our Privacy Policy. We review it as the stack evolves and will update both pages if the list changes.

Security practices

We follow security best practices appropriate for a B2B SaaS product at this stage. Some specifics:

  • All traffic is served over HTTPS; plain HTTP requests are redirected.
  • Share-link passwords are hashed with scrypt before storage; we cannot recover them in plaintext.
  • Database credentials and API secrets are stored as environment variables in Railway, never hard-coded in source.
  • Access to production infrastructure is limited to authorized personnel.

We do not currently hold SOC 2, ISO 27001, or similar third-party certifications. We plan to pursue formal security review programs as the product and customer base grow. We will update this page as those milestones are reached.

Questions about security?

If you have a specific question about how we handle your data, or if you believe you have found a security issue, please reach out directly.

Contact us