Skip to main content
LLDPS Africa
Security

Security at LDPS Africa.

Producer KPIs, financial ledgers and investor reports are sensitive. This page is maintained by LDPS Africa and summarises the controls currently enabled across the platform. It is not a third-party attestation.

Encryption in transit & at rest

All traffic to the platform is served over TLS. Customer data, KPI snapshots and audit records are stored in a managed Postgres database with encryption at rest enabled by the underlying cloud provider.

Row-level security on every table

Every customer-facing table enforces row-level security policies that scope reads and writes to the authenticated user, their organisation, or — where appropriate — a narrow service role used only by verified background jobs.

Least-privilege role design

Roles are stored in a dedicated table, never on the user profile. Privileged operations (role grants, financial admin, suppression-list reads) require an explicit super-admin check via a security-definer function with a pinned search path.

Authentication you control

Email/password and Google sign-in are supported out of the box. Password leak protection (HIBP) is enabled. Two-factor authentication is on the roadmap for the next platform release.

Hardened server functions

App-internal logic runs through authenticated server functions. Webhooks (Paddle, M-Pesa) verify HMAC signatures against the raw request body before any state change. Service-role credentials never reach the browser bundle.

Auditable operational events

Sensitive lifecycle events — audit runs, role changes, payment outcomes, KPI snapshot writes — are captured in append-only operational and audit logs for end-to-end traceability.

Shared responsibility

LDPS Africa secures the platform, the database tier, the API surface and our managed identity provider. Customers are responsible for their own account credentials, the operating environments from which they upload data, and the integrations they enable against the LDPS Africa API.

Reporting a vulnerability

If you believe you have found a security issue, email security@ldpsafrica.com. We acknowledge reports within 72 hours and credit responsible disclosure in our release notes.