Enterprise-grade security

Security built into every layer

Payroll and HR data is among the most sensitive information a business holds. Every layer of Peymatrix is designed with security as the baseline — not an afterthought.

What we protect

Security features

Every layer of the platform is designed with security as the baseline, not an afterthought.

Encryption at Rest

All stored data — employee records, payroll figures, documents — is encrypted using AES-256. Encryption keys are managed separately from the data they protect.

Encryption in Transit

Every connection between your browser and Peymatrix servers uses TLS 1.2 or 1.3. Unencrypted HTTP connections are not accepted.

Multi-Factor Authentication

TOTP-based MFA is available for all accounts. Administrators can enforce MFA as a requirement across their entire organisation.

Tenant Isolation

Each organisation's data is stored with strict isolation at the database level. One tenant's data cannot be accessed or queried from another tenant's context under any circumstances.

Role-Based Access Control

Granular permissions across four roles: Employee, Manager, HR Admin, and Owner. Each role sees only the data and actions appropriate to their responsibilities.

Audit Logs

Every action is logged with timestamp, user, IP address, and before/after state. Logs are immutable — SHA-256 hash-chained for tamper detection. 7-year retention with SIEM export in JSON, CEF, and Splunk HEC formats.

Infrastructure

Peymatrix is hosted on hardened cloud infrastructure with database-level tenant isolation, encrypted backups, and a pooled connection layer that keeps the database off the public network. Hosting region and data-residency options are part of our enterprise conversation.

  • Automated daily encrypted backups — 30-day retention
  • PgBouncer connection pooling — database not directly exposed
  • Tenant isolation enforced at the database layer
  • Region and data-residency options available on Enterprise plans

Certifications

Compliance status

SOC 2 Type I

In progress — target Q4 2026

India DPDP Act + Rules 2025

Implemented (dual 72h breach SLA)

GDPR

Compliant (Art 17/20/33)

Golden Statutory Test Suite

30 boundary cases gate every release

Encryption at rest

AES-256 on PAN, Aadhaar, IBAN, UAN

Audit trail

Append-only, incl. partner actions

Security disclosures

If you discover a potential security issue or vulnerability, please report it responsibly. We take all reports seriously and will respond promptly.

info@peymatrix.com
