Security at Renumify
How Kixlogic protects compensation, workforce, and commission data on Renumify.
Account authentication
- Passwords hashed with scrypt (unique salt per user) — never stored in plain text
- JWT session tokens with configurable remember-me duration
- OAuth sign-in (Google, Microsoft) where enabled
- Magic-link and password-reset tokens are hashed at rest
Data protection
- In transit: TLS 1.2+ on all connections
- At rest: Azure SQL with encryption; sensitive credentials encrypted in application storage
- Backups: Azure SQL geo-redundant backups
Access controls
Merit cycle roles (owner, manager, approver) and org-scoped queries limit who can view employee and proposal data. Commission data is scoped to authenticated users and organizations.
Infrastructure
Renumify runs on Microsoft Azure (Functions, SQL). See our Privacy Policy for subprocessors.
Responsible disclosure
Report vulnerabilities to security@kixlogic.com. Do not access other users' data or perform denial-of-service testing against production.