Security at viewfoot

Protecting player data and recruiter workflows is core to our product. We invest in infrastructure, process, and monitoring so families and partners can trust the platform.

Infrastructure & hosting

• Cloud provider: we run on Vercel and deploy global edge infrastructure for the web app. Media is stored on AWS S3 with region redundancy.
• Database: transactional data lives on Neon (PostgreSQL) with automated backups and point-in-time recovery.
• Media delivery: signed URLs and expiring tokens ensure only authorised viewers can stream video assets.

Access controls

• Role-based access across the app limits internal staff and partner permissions to what they need.
• Recruiter accounts are manually verified before they can search or contact players.
• Players and families control whether playlists are visible, downloadable, or time-limited.

Data protection

• Encryption in transit (TLS 1.2+) and encryption at rest for database and storage layers.
• Regular dependency patching and automated security scans in CI.
• Incident response procedures for handling data requests or breach notifications.

Compliance roadmap

We align with GDPR principles and maintain records of processing. Our roadmap includes ISO 27001 readiness and data processing addenda for enterprise partners.

Have a security question or need a DPA? Email security@viewfoot.com.