Skip to main content

Security & data isolation

Noviq is multi-tenant software built on the assumption that your roster, hours and pay data are sensitive. The short version: workspaces are isolated, writes are server-side and audited, and your data stays yours.

Per-workspace isolation

Each workspace lives on its own subdomain and its own data scope. Members of one workspace cannot read another's data; inside a workspace, role gates (employee / finance / manager / admin) scope what each person sees.

Sign-in done once, properly

Authentication runs on Firebase Auth at a single canonical origin. Sessions ride a scoped cookie; workspace subdomains never handle credentials directly.

Server-side writes with an audit log

Browsers cannot write to the database directly — every change goes through a server action that checks the caller’s role and records an audit entry: who, what, when. Free-text content is redacted from the log.

Your data stays yours

If a plan lapses, the workspace becomes read-only — nothing is deleted. Timesheets and decided leave are retained as statutory wage records; you can export your data at any time, and employees can always export their own timesheet.

Privacy & compliance

A signed DPA, a public subprocessor list, cookie consent that defaults to off, and an accessibility statement targeting WCAG 2.1 AA (IS 5568) — the paperwork lives on the legal pages, versioned, in both languages.

Read the documents

Noviq uses essential cookies to sign you in and remember your preferences. With your consent, we also use analytics to understand how the product is used. Cookie Policy