Security & Trust
Your dealflow data is sensitive. Spok is designed from the ground up with fund-grade security: complete data isolation, encryption, and role-based access.
Multi-fund data isolation
Complete separation between funds at the database level. Your Fund II team never sees Fund I data. Each fund operates as an independent workspace with its own pipeline stages, LP records, and settings.
Encryption everywhere
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. Documents and attachments are stored in encrypted object storage with per-fund access controls.
Role-based access control
GP and Ops roles with granular permissions per fund. Control who can view, edit, and manage fund data. Team invitations with expiring tokens ensure only authorized users gain access.
Secure authentication
Google OAuth authentication with JWT session management. No passwords stored. Session tokens are rotated regularly and can be revoked instantly.
Full data portability
Export all your data — companies, notes, documents, investments, LP records — at any time in CSV or JSON format. No lock-in, no data hostage. Your data is always yours.
No third-party data sharing
We do not sell, share, or monetize your data. AI processing is performed on-demand only when you trigger features, using enterprise AI providers that do not use your data for training.
Infrastructure
- Hosting
- Fly.io (multi-region)
- Database
- PostgreSQL with automated backups
- File Storage
- S3-compatible encrypted object storage
- AI Providers
- Anthropic (Claude), Google (Gemini) — enterprise terms
Security questions?
Contact us at security@spok.vc for security inquiries, vulnerability reports, or compliance questions.