EkaTantra Workspace OS
Command
Sign inGENERAL CUSTOMERSMB
CommandScan StudioReservations

Workspace

GENERAL CUSTOMER · SMB

My BusinessesCommand

Operations

  • Reservations
  • Table & Kitchen Ops
  • Floor Plan
  • Appointments
  • Client Cards
  • Memberships
  • Training Plans
  • Front Desk
  • Channel Mgr
  • Allotments
  • Test Drives
  • Catering Events
  • Event Pipeline
  • Venue
  • Hostel
  • PG / Co-living
  • Resort
  • Apartments
  • Spa
  • Sports Complex

Catalog & Supply

  • Scan Studio

Insights

  • Rebooking
  • Stylist KPIs
  • Peak Hours
  • Churn Risk
  • Class Fill
  • Night Audit
  • Guest CRM
Sign in

EkaTantra Workspace

Help centre System status Settings

© 2026 EkaTantra · Unified Commerce & Operations OS

Trust

Security & Compliance

How we protect your business data — the certifications, controls and commitments behind every EkaTantra account.

SOC 2 Type II

In Progress

Q4 2026 target

ISO 27001:2022

In Progress

Q2 2027 target

GDPR / DPDP

Compliant

Active

Security Controls

  • TLS 1.3 for all transit. AES-256 at rest.
  • Multi-tenant isolation via Firestore security rules and per-tenant document paths.
  • Role-based access control (5 roles) and subscription-tier entitlement on every API.
  • Two-factor authentication (TOTP) available for all admin accounts.
  • Session management with device tracking and remote revocation.
  • Immutable audit log of every state-changing action.
  • Rate limiting on public APIs (token-bucket per IP).
  • HMAC signing on outbound webhooks and inbound aggregator webhooks.
  • Secrets stored in Firebase Functions config / GCP Secret Manager.

Privacy Commitments

  • Right of access — programmatic data export at /api/compliance/data-export
  • Right of erasure — anonymization of statutory records, hard delete of personal identifiers
  • Data residency in India (asia-south1) for Indian tenants by default
  • Sub-processor list maintained and updated quarterly
  • Data Processing Addendum available on request

Operational Controls

  • Automated backups with point-in-time recovery (Firebase managed)
  • Disaster recovery target: RPO 1h, RTO 4h
  • Monthly access reviews; quarterly key rotation
  • Annual penetration testing (third-party)
  • Incident response runbook with 1h initial-acknowledgement SLA for P0
  • Vulnerability disclosure program: security@ekatantra.com

Documents available on request

  • SOC 2 Type I report (interim)
  • Penetration test summary (last 12 months)
  • Sub-processor list
  • Data Processing Agreement (DPA)
  • Business Continuity Plan

security@ekatantra.com · Issues disclosure honoured within 90 days.

Security questions before you commit?

Request our DPA, sub-processor list or latest penetration-test summary — or just start free and review the controls inside your own workspace.

Talk to us View sub-processors