Security & Trust
eFiling Solutions stores your CPSC eFiling credentials and your compliance records, so we hold ourselves to a high security bar. This page describes how the Service is protected. Questions or security concerns? Contact us.
Infrastructure
The Service runs entirely on Cloudflare's global edge platform — serverless compute, managed database, and private object storage — with data processed and stored in the United States. There are no self-managed servers to patch, and every request is served over HTTPS with HSTS enforced.
Encryption
- In transit: TLS for all connections, including our connections to the CPSC eFiling API.
- At rest: storage-level encryption across database and object storage.
- CPSC credentials: encrypted with AES-256 using keys cryptographically bound to your company. A credential encrypted for one company is unusable for any other.
Tenant isolation
The Service is multi-tenant by design, and isolation is enforced in code, not by convention: every database query is automatically scoped to your company, and requests that attempt to specify another company are rejected. Isolation is verified by automated testing.
Account security
- Mandatory two-factor authentication — every account must enroll an authenticator app; 2FA cannot be turned off.
- Brute-force protection — automatic lockouts on repeated failed sign-in attempts.
- Revocable sessions — signed, HttpOnly session cookies that can be revoked server-side at any time.
Staff access
Our staff have no standing access to your data. Support access requires an explicit, time-limited session, and every administrative action is recorded in an audit log.
Sub-processors
We use a small number of U.S.-based vendors to run the Service, in these categories: cloud hosting, compute, database, and file storage; transactional email delivery; AI-assisted extraction of data from uploaded lab-test reports; and payment processing. Each is bound to process your data only to provide their service to us.
Our AI sub-processors receive report content only to extract structured data at your request, over paid API tiers whose terms do not permit training on your data. They are not used for any other purpose.
A current named list of sub-processors is available to customers and prospective customers on request — contact us. We notify customers before adding a new sub-processor. Data is also transmitted to the U.S. Consumer Product Safety Commission and to the customs broker your company designates — at your direction, as recipients you choose, not as our sub-processors.
International data transfers
The Service is operated from and hosted in the United States. If you use it from outside the U.S., your data is transferred to and processed in the U.S. Where applicable data-protection law requires safeguards for such transfers (for example, for customers in the EEA, UK, or Switzerland), we will put appropriate measures in place, such as standard contractual clauses, as part of your company's agreement with us. See our Privacy Policy for details.
Responsible disclosure
We welcome reports from security researchers. If you believe you've found a vulnerability, contact us with enough detail to reproduce it. We will acknowledge your report promptly, investigate, and keep you informed. We ask that you do not access data that isn't yours, degrade the Service, or disclose the issue publicly before we've had a reasonable opportunity to fix it. We will not pursue legal action against good-faith research conducted within these guidelines.
Availability
The Service is built on globally redundant infrastructure with no single server to fail. Uptime commitments (SLAs) for enterprise customers are available as part of a signed agreement — talk to us.