Trust & Safety

Security

Last updated: April 14, 2026  ยท  SaddleUp Inc. (TURN)

TURN handles operational data for real properties and real vendors. We take that responsibility seriously and have designed our platform with security as a baseline requirement, not an afterthought.

Our Approach

We are an early-stage company and we are direct about that. We are not claiming enterprise-grade certifications we don't have. What we are committed to is applying sound, industry-standard security practices appropriate for a B2B SaaS platform โ€” and growing our security posture alongside our product.

๐Ÿ”
Encryption in Transit

All data transmitted between your browser and our servers is encrypted using TLS (HTTPS). We do not accept unencrypted connections.

๐Ÿ—„๏ธ
Encryption at Rest

Stored data โ€” including user records, property data, and operational logs โ€” is encrypted at rest using standard database encryption.

๐Ÿง‘โ€๐Ÿ’ป
Access Controls

Internal access to production systems and user data is restricted to authorized personnel only, with role-based controls and audit logging.

โ˜๏ธ
Secure Infrastructure

TURN is hosted on Vercel and uses infrastructure built on reputable cloud providers with SOC 2-compliant data centers.

๐Ÿ”‘
Credential Safety

User passwords are hashed using a modern algorithm (bcrypt or equivalent) and never stored in plain text. We do not have access to your password.

๐Ÿšจ
Incident Response

In the event of a security incident, we will notify affected users promptly and take immediate steps to contain and investigate the issue.

What We Don't Do

  • We do not sell your data or share it with advertisers
  • We do not store payment card information (payment processing, if applicable, is handled by a PCI-compliant third-party processor)
  • We do not log sensitive form inputs beyond what is needed to operate the platform
  • We do not allow unauthorized third-party access to your operational data

Third-Party Vendors

We work with a limited set of third-party service providers to operate TURN (hosting, email delivery, analytics). We evaluate each for reasonable security practices and data handling standards. We do not grant third parties access to your data beyond what is necessary to deliver the service.

Reporting a Security Issue

If you discover a security vulnerability in TURN, please report it responsibly by emailing us at notifications@turnapts.com with "Security" in the subject line. We take all reports seriously and will respond within 48 hours. We ask that you give us reasonable time to investigate before public disclosure.

Roadmap

As TURN grows, we are committed to expanding our security posture. Items on our roadmap include multi-factor authentication (MFA), SSO support for enterprise customers, formal penetration testing, and SOC 2 Type II compliance as the platform matures.

Questions

For security questions or concerns, reach out at notifications@turnapts.com.