Security

Last updated 18 June 2026

Your records are your business's livelihood, so we treat them that way. This page summarises how Manifold is built to keep them safe. It will grow into a fuller security overview as we move towards general availability.

Tenant isolation

Every organisation's data is isolated. Access is enforced at the database with row-level security, so one business can never read or change another's properties, appliances, checks or certificates — the rules are applied at the data layer, not just in the interface.

Encryption

Traffic between your device and Manifold is encrypted in transit (HTTPS), and data is stored on reputable, managed infrastructure.

Least-privilege access

• Roles decide what each person can see and do — engineers, office staff, owners and customers each get only what they need.
• Customer-facing record links are issued as secure, scoped tokens rather than exposing the wider system.
• Administrative and automated tasks run with narrow, purpose-specific permissions.

Built for the field

Manifold is mobile-first and works offline, capturing on device and syncing when a connection returns — so a patchy signal never means lost work or a workaround that bypasses these protections.

Reporting an issue

If you believe you've found a security problem, please email security@getmanifold.co.uk and we'll look into it promptly.