Security at Grove
Your financial data deserves the highest level of protection. Grove is built with security and isolation at every layer of the stack.
Per-Tenant Isolation
Each customer runs in their own Docker container with dedicated resources
Isolated Data
Per-tenant DuckDB instances ensure complete data separation
AES-256 Encryption
All data encrypted at rest with AES-256 and in transit with TLS 1.3
EU Hosting
Hosted on Hetzner in Helsinki, Finland with full GDPR compliance
Our Security Architecture
Unlike many SaaS platforms that use shared databases and multi-tenant runtimes, Grove takes a fundamentally different approach. Every customer gets their own isolated Docker container and their own DuckDB database instance. This means:
- A vulnerability in one tenant cannot affect another tenant's data
- Resource consumption by one customer cannot impact another
- Customer data is physically separated, not just logically separated
- Tenant deprovisioning is a clean, complete removal
Per-Tenant Isolation Model
Each Grove customer receives a dedicated Docker container running their own application instance, backed by a dedicated DuckDB database file. Network policies enforce strict container-to-container isolation. There is no shared database, no shared runtime, and no possibility of cross-tenant data leakage at the infrastructure level.
Infrastructure Security
- Per-tenant Docker container isolation -- each customer gets a dedicated runtime environment
- Per-tenant DuckDB database instances -- your financial data is never co-mingled with other customers
- Hetzner dedicated servers in Helsinki, Finland (EU data residency)
- Cloudflare CDN and DDoS protection at the network edge
- Automated security patches and infrastructure updates
Data Security
- AES-256 encryption for all data at rest
- TLS 1.3 for all data in transit
- Encrypted database backups with point-in-time recovery
- Secure deletion when tenants are deprovisioned
- No cross-tenant data access is architecturally possible
Application Security
- Role-based access control (RBAC) with least-privilege defaults
- Secure authentication with session management
- CSRF, XSS, and SQL injection protections
- Content Security Policy (CSP) headers
- Regular dependency vulnerability scanning
Operational Security
- Security monitoring and alerting
- Incident response procedures
- Regular penetration testing
- Access logging and audit trails
- Secure development lifecycle practices
Sub-processors
We use a minimal set of trusted third-party services:
| Provider | Purpose | Location |
|---|---|---|
| Hetzner | Cloud hosting and compute | Helsinki, Finland |
| Cloudflare | CDN, DDoS protection, DNS | Global edge network |
| Stripe | Payment processing and billing | US / EU |
| Resend | Transactional email | US / EU |
Compliance
GDPR
Fully compliant with UK GDPR and the Data Protection Act 2018. EU data residency by default.
SOC 2 Ready
Our infrastructure and processes are designed to meet SOC 2 Type II requirements.
Responsible Disclosure
If you believe you have found a security vulnerability in Grove, we encourage you to notify us responsibly. Please email security@grove.financial with details of the vulnerability. We will acknowledge receipt within 48 hours and work with you to understand and address the issue.
Questions about security?
We take security seriously
Have a security question or need our compliance documentation? Our team is here to help.