Hey! Click here to find out the secrets builders won't tell you 🤫
top of page
DSC4333-Edit-website.jpg

Security & Data Protection Statement

BuildPilot has implemented a system of technical and organisational controls designed to protect the confidentiality, integrity, and availability of its platform and user data. Security is embedded into platform architecture, software development, and day-to-day operations.

 

This statement outlines the key controls currently in place, aligned with recognised security and trust-services principles.

 

 

 

1. Control Environment

 

 

BuildPilot maintains a security-first control environment in which platform access, system changes, and data handling are governed by defined policies and technical safeguards.

 

Security responsibilities are embedded into platform design and operational decision-making, with controls implemented to reduce risk, limit exposure, and prevent unauthorised activity.

 

 

 

2. System Architecture & Infrastructure Controls

 

 

BuildPilot operates on enterprise-grade, cloud-based infrastructure designed to support availability, fault tolerance, and data protection.

 

Controls include:

 

  • Secure, professionally managed hosting environments

  • Network-level firewalls and traffic filtering

  • Logical separation between application layers

  • Redundancy to support system availability and continuity

 

 

Infrastructure components are maintained with regular updates and security patching.

 

 

 

3. Logical Access Controls

 

 

Access to BuildPilot systems and data is governed by logical access controls designed to ensure appropriate authorisation.

 

  • Role-based access controls restrict user and system access to authorised data only

  • Users can access only their own records or records explicitly permitted

  • Administrative access is restricted, permission-limited, and monitored

  • Authenticated sessions may require re-verification to reduce risk from inactive or shared devices

 

 

 

 

4. Data Encryption & Confidentiality Controls

 

 

BuildPilot protects data confidentiality through encryption and credential management.

 

Data in transit

 

  • All data transmitted between user devices and platform systems is encrypted using modern transport security protocols.

 

 

Data at rest

 

  • Stored data is encrypted using industry-standard algorithms.

  • User credentials are protected using secure, salted hashing methods.

  • Sensitive information is never stored in plain text.

 

 

 

 

5. Application Security Controls

 

 

 

5.1 Input Validation & Sanitisation

 

 

BuildPilot enforces strict input validation controls at the application layer.

 

  • Schema-based validation ensures data types, formats, and required fields are enforced

  • Maximum length constraints are applied to all input fields

  • Undefined or unexpected fields are rejected

  • Enumerated fields accept only predefined values

  • User identifiers must conform to approved formats

 

 

Input sanitisation includes:

 

  • Removal of HTML tags

  • Removal of unsafe JavaScript patterns

  • Automated trimming of extraneous whitespace

 

 

 

 

5.2 File Upload Controls

 

 

File uploads are governed by explicit security controls.

 

  • Accepted file types are restricted to approved formats only

  • File size limits are enforced based on feature context

  • Upload rules are defined per feature to limit exposure

  • Invalid or unsupported uploads are rejected automatically

 

 

 

 

6. API & Request Management Controls

 

 

All system interactions are governed by authenticated and controlled APIs.

 

 

6.1 Rate Limiting

 

 

To protect system availability and prevent abuse:

 

  • Requests are limited per IP address

  • Higher-risk or higher-cost operations are subject to stricter request thresholds

  • User-level tracking prevents individual account abuse

  • Excess requests receive controlled responses indicating retry conditions

 

 

 

 

6.2 API Authentication & Isolation

 

 

  • API requests must be authenticated and authorised

  • Permissions are scoped to defined actions only

  • Internal services operate within isolated boundaries

  • No system component is granted unrestricted access to platform data

 

 

 

 

7. Compartmentalisation & Data Segregation

 

 

BuildPilot’s platform is architected to enforce logical segregation.

 

  • Tools and features operate within isolated execution contexts

  • Data access is scoped per user and per function

  • Cross-tool data access is restricted by design

 

 

This limits blast radius and reduces systemic risk.

 

 

 

8. Credential & Secret Management

 

 

BuildPilot applies secure secret management controls.

 

  • Credentials and keys are never hardcoded into application logic

  • Secrets are loaded securely at runtime

  • Sensitive keys remain server-side and are never exposed to client applications

 

 

 

 

9. Monitoring, Logging & Operational Oversight

 

 

Operational controls are in place to detect and respond to anomalies.

 

  • System activity is logged to support auditing and investigation

  • Monitoring mechanisms identify unusual access patterns or behaviour

  • Alerts are generated for operational or security-relevant events

 

 

 

 

10. Data Minimisation & Privacy Controls

 

 

BuildPilot follows data minimisation principles.

 

  • Data collection is limited to defined operational purposes

  • Access to data is restricted based on function and role

  • Users retain ownership of their data

  • Data access, export, or deletion may be requested in line with applicable privacy frameworks

 

 

 

 

11. Change Management & Ongoing Review

 

 

Security controls are reviewed as the platform evolves.

 

  • System changes are assessed prior to deployment

  • Dependencies and infrastructure components are updated regularly

  • Security considerations are incorporated into feature development and operational planning

 

 

 

 

12. Commitment to Trust & Security

 

 

BuildPilot is committed to maintaining a secure, resilient, and trustworthy platform. Security controls are implemented to support confidentiality, integrity, and availability across all services.

 

This statement reflects BuildPilot’s current control environment and is reviewed periodically as the platform and threat landscape evolve.

 

For further information regarding BuildPilot’s security controls or data handling practices, contact the BuildPilot team directly.

bottom of page