Security & Compliance Overview
Last Updated: 2025-12-02 10:22 UTC
Personas: CFO / Controller / Legal / Compliance
What you'll learn
- Understand Plixo's approach to data access, encryption, and custody.
- Review how webhooks and tokens protect payer interactions.
- See current certifications, roadmap items, and incident response commitments.
Step-by-step
- Data access & tenancy.
  - Each customer organization is isolated; users only see data for the orgs they belong to.
  - Role-based access control (RBAC) enforces least-privilege access. Export controls require Controller approval.
- Encryption & custody.
  - Plixo relies on Stripe for payment processing; no PAN data is stored in Plixo systems.
  - All data is encrypted at rest (AES-256) and in transit (TLS 1.2+). Secrets are managed in a dedicated vault.
- Webhooks & tokens.
  - Mini-portal links are single-use tokens signed with HMAC and expire automatically.
  - Stripe and ERP webhooks are signed; Plixo validates signatures before processing events.
- Certifications & roadmap.
  - Plixo is pursuing SOC 2 Type I with an external auditor; Type II is on the roadmap for next year.
  - Annual third-party penetration tests cover application and infrastructure layers. Sub-processors are listed in the customer trust portal; data residency options (EU, US) are planned for future releases.
- Incident response.
  - Incidents are classified as P1 (payments blocked), P2 (degraded), or P3 (non-critical). Plixo notifies Controllers and Billing Admins via email and in-app banners.
  - Customers must keep contact information up to date and participate in joint remediation when issues involve their systems (e.g., ERP downtime).
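To make the "Webhooks & tokens" controls above concrete, here is an added illustrative example (not Plixo's own code): it mints an HMAC-signed mini-portal token that carries an expiry and a nonce, redeems it with a constant-time signature check, expiry check and single-use (replay) tracking, and verifies a webhook body signature the same way. The key, field names and token layout are assumptions for the example.

```python
import base64, hashlib, hmac, json, secrets, time

SECRET = b"constructed-demo-key"  # placeholder; a real service loads this from its vault

def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()

def _unb64(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))

def issue_link_token(invoice_id: str, ttl_seconds: int, now=None, key=SECRET) -> str:
    """Mint a single-use, expiring token for a payer mini-portal link (assumed layout: payload.tag)."""
    now = int(time.time()) if now is None else now
    claims = {"inv": invoice_id, "exp": now + ttl_seconds, "nonce": secrets.token_hex(8)}
    payload = json.dumps(claims, separators=(",", ":")).encode()
    tag = hmac.new(key, payload, hashlib.sha256).digest()
    return f"{_b64(payload)}.{_b64(tag)}"

class TokenVerifier:
    def __init__(self, key=SECRET):
        self.key = key
        self.used = set()  # in production: a shared store (DB row / cache) so every instance sees redemptions

    def redeem(self, token: str, now=None) -> dict:
        """Return the claims if the token is authentic, unexpired and unused; raise ValueError otherwise."""
        now = int(time.time()) if now is None else now
        try:
            payload_b64, tag_b64 = token.split(".")
            payload, tag = _unb64(payload_b64), _unb64(tag_b64)
        except Exception:
            raise ValueError("malformed")
        expected = hmac.new(self.key, payload, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expected):  # constant-time; catches tampering and wrong key
            raise ValueError("bad signature")
        claims = json.loads(payload)  # only parsed after the signature is known to be good
        if now >= claims["exp"]:
            raise ValueError("expired")
        if claims["nonce"] in self.used:
            raise ValueError("already used")
        self.used.add(claims["nonce"])
        return claims

def verify_webhook(body: bytes, header_sig: str, key: bytes) -> bool:
    """Webhook check: recompute HMAC-SHA256 over the raw request body and compare in constant time."""
    expected = hmac.new(key, body, hashlib.sha256).hexdigest()
    return hmac.compare_digest(header_sig, expected)
```

The verifier checks the signature before reading any claim, so a forged or edited payload is rejected without being interpreted.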
Success checks
- Security reviews for procurement can be satisfied using this overview and the trust portal.
- Teams know where to find sub-processor and penetration test information.
- Incident contacts are up to date in Plixo.
Common pitfalls
- Assuming Plixo stores card data. Remind stakeholders that Stripe maintains custody of card data.
- Not updating incident contacts. Keep distribution lists current so alerts reach the right people.
- Overlooking roadmap timelines. Communicate SOC 2 Type II timing to auditors early.
Related pages
- Next step: Troubleshooting & FAQ
- Audit & Exports
- Support