Security Info

TCVelik runs on Microsoft Azure with per-customer isolation, encrypted storage, and HTTPS everywhere. This page explains how your data is protected at the infrastructure level. At a glance - TCVelik is hosted on Microsoft Azure App Service, each customer account is a separate App Service. AES-256 encryption at rest (Azure SSE), HTTPS/TLS for all connections. Each customer has their own database (physically separated) and search indexes (physically separated).

Book a walkthrough Download personal Edition →

Hosting & environment isolation

TCVelik is hosted on Microsoft Azure App Service. Each customer runs in a separate App Service instance, with its own application runtime, file system, and configuration.

This goes beyond pure logical multi-tenant separation: an issue in one customer environment does not give access to another.

What isolation means in practice
  • Dedicated App Service per customer
  • Separate file system for our application data store & our search index
  • Configuration and secrets isolated per customer
  • No shared runtime or process across tenants

Encryption at rest

All data stored in Azure App Service is protected by Azure Storage Service Encryption (AES-256).

This includes the our application data store database, our search index index, screenshots, attachments, and application-level files stored on the App Service file system.

  • Encryption before write
  • Automatic Azure-managed key rotation
  • Encrypted backups & replicas

Encryption in transit

All connections to TCVelik use HTTPS/TLS. This covers:

  • Web access
  • Browser extension traffic
  • API calls
  • Embedded widgets

We enforce HTTPS-only access and use modern TLS versions.

Data storage architecture

TCVelik uses our application data store and a our secure search index search index, both stored on encrypted Azure App Service disks.

  • our application data store for SOP data & config.
  • our search index for search optimization.
  • Screenshots & attachments stored as encrypted files.
Search index considerations

our search index requires plaintext for indexing. To limit exposure:

  • Only required fields are indexed
  • Index stored only inside your isolated environment
  • Index is on the encrypted Azure storage layer

Platform & operational security

  • Azure-managed OS & runtime
  • Network-isolated App Service per tenant
  • Role-based access for TCVelik operations

How TCVelik differs

Unlike typical SaaS models:

  • Per-customer App Service isolation
  • Separate file systems for each environment
  • Clear blast-radius boundaries

Summary

TCVelik combines Azure’s managed infrastructure with per-customer isolation, encrypted storage, and HTTPS-only access to create a strong security foundation for your SOPs.

If you have specific security or compliance requirements, we can walk you through the architecture and discuss options that match your needs.

SOP power without enterprise pricing

A quick discovery call will give you a solution sized to your needs.

Book a discovery