Data security is our top priority

Create and publish private catalogs and important documents with guaranteed security and privacy. We protect every piece of your information, keeping your data safe every step of the way.

Enterprise security, by default

We comply with global data protection and security frameworks. Catalogy complies with all applicable privacy and data protection laws, including GDPR and CCPA. Learn more about our approach to privacy here.

We secure your data

• SSO authentication

Single Sign-on (SSO) allows you to authenticate users in your own systems without requiring them to enter additional login credentials.

• GDPR compliance

We respect every persona’s rights to privacy and data security. We process and store data in compliance with GDPR regulations.

Application & Infrastructure security

Encryption at rest

Encrypted with AES-256 via AWS KMS, keeping your information secure while you focus on building the future.

Encryption at rest & in transit

Encrypted with SSL/TLS, 2048-bit keys, and SHA-256 + RSA, keeping your data safe as it moves between you and Catalogy.

Data Erasure

To permanently delete your Catalogy account, please send an email to privacy@catalogy.com with a clear request for account removal.

Physical security

Protected by AWS’s industry-leading controls and our internal office security policies, Catalogy ensures both digital and physical safety.

Data Retention

Your personal data stays with us as long as your account is active. Once you close your account, we securely delete it in line with best practices

DDoS protection

Protected by AWS CloudFront and WAF, Catalogy keeps your access safe and reliable.

Data Centers

Hosted on AWS Virginia, our primary data centers ensure reliable and protected infrastructure.

Multi-Factor Authentication

Two-factor authentication (2FA) is a security measure that requires users to provide two forms of authentication to access sensitive data and resources. Catalogy’s 2FA adds an extra layer of security to user accounts by requiring a second factor in addition to the standard username and password. This makes it more difficult for attackers to gain access to sensitive data and resources, even if they manage to obtain a user's password.

Catalogy uses Role-Based Access Control (RBAC) to assign permissions based on user roles—Owner, Administrator, Editor, Agent, and Contributor—ensuring each user has the appropriate access level for secure and efficient operations.

Product & Platform Security

Product & Platform Security at Catalogy means building trust by design: protecting data, safeguarding content, and ensuring a safe, reliable experience for every user.

Password Protected Pages
Code Analysis
SSL certificate
Share catalogs with specific email addresses
Vulnerability & Patch Management