Security Overview
Floydee Studio is built to handle sensitive founder context, product memory, and billing data with a practical security posture suited to an early-stage SaaS platform.
Last updated: April 4, 2026
Platform controls
We use authentication, role-based access controls, server-side validation, receipt and purchase ledgers, and operational logging to protect workspace and billing workflows.
Payment processing is delegated to Razorpay, and receipt emails use our configured mail infrastructure. We do not ask users to share payment secrets inside support channels.
Data protection
Founder inputs, product memory, generated artifacts, and billing records are stored and processed only to provide the service. We aim to minimize access to production data to only what is needed for operations and support.
Security controls may evolve over time as the platform matures, including improved monitoring, incident response, and infrastructure hardening.
- Authenticated workspace access
- Server-side credit ledger and payment verification
- Receipt and billing audit history
- Operational access limited to legitimate support and maintenance needs
Responsible disclosure
If you believe you have found a vulnerability, please report it privately to admin@floydee.com with enough detail for us to reproduce and investigate the issue.
Please do not publicly disclose vulnerabilities before we have had a reasonable opportunity to assess and mitigate them.