Security
Built to be trusted with your sites.
Cockpit connects to your Webflow account and your clients’ live sites, so security isn’t a feature — it’s the foundation. Here’s how we handle it.
Encryption everywhere
All traffic is served over TLS. The Webflow and Google access tokens you authorize are encrypted at rest with AES-256-GCM — we never store them in plaintext, and decrypt only for the moment of an API call.
No passwords to steal
Sign-in is Google OAuth only — Cockpit never sees or stores a password. Webflow is connected through its official OAuth, and you approve exactly which sites Cockpit can access.
Scoped, least-privilege access
Every team’s data is isolated: queries are scoped to your team membership, so one team can never see another’s sites, tokens, or activity. Admin access to the console is a short, separate session protected by two-factor authentication.
Change management & audit trail
Changes ship through version control and review, and sensitive admin actions are recorded in an append-only audit log. Publishing to your live sites always requires an explicit, confirmed action.
Monitoring
We run the same uptime and error monitoring for Cockpit that Cockpit runs for your sites, with alerting so we hear about problems quickly.
Data ownership & deletion
Your data is yours. When you delete a team, its associated data is removed within 30 days, except records we’re legally required to retain (e.g. billing). See the Privacy Policy for details.
Infrastructure & subprocessors
Cockpit runs on SOC 2-compliant infrastructure and relies on a short list of vetted providers, each receiving only what its function requires.
A note on compliance
Our hosting and payment infrastructure is SOC 2-compliant, and we build on top of it with the practices above. Cockpit itself does not yet carry an independent SOC 2 report — we won’t claim a certification we don’t hold. If your organization requires a formal security review, vendor questionnaire, or DPA, get in touch and we’ll work through it with you.