ProjectWorks.ai is designed for professional project delivery teams. This page summarizes our security practices. Enterprise customers may request a detailed security pack.

Infrastructure

Hosted on modern cloud infrastructure with encryption in transit (TLS).
Database access restricted to application services with least-privilege credentials.
Regular dependency updates and vulnerability monitoring.

Authentication

Clerk-managed authentication with support for email and social login.
Enterprise SSO via Google Workspace and Microsoft Entra ID.
SCIM 2.0 provisioning for automated user lifecycle (Agency / Enterprise).

Application security

Role-based access within workspaces and projects.
API rate limiting and audit logging for enterprise features.
Webhook signature verification for billing and identity events.

Data handling

See our Data Handling and Privacy Policy for retention and processing details.

Report a vulnerability

security@projectworks.ai