Security & trust
How we handle your data and your code
This page summarises how NextGen Digital Craft approaches security and trust in client engagements — code handling, access scoping, compliance posture, sub-processors and incident response. It is written so a procurement or security team can read it once and know what they're getting.
Our security practices
Engagement-level NDAs and access scoping
Every engagement starts with a mutual NDA. Engineering access to client systems is scoped per-engagement and per-engineer — separate cloud accounts, separate repos, separate credentials. At engagement end, access is reviewed and revoked.
Code handling and version control
Client code lives in client-owned GitHub / GitLab / Bitbucket organisations by default. When code lives in our org during sprint cycles, repos are private and 2FA is mandatory. No production secrets are committed; secrets live in client cloud KMS or HashiCorp Vault.
Engineer workstation security
Engineers operate from disk-encrypted machines with screen-lock policies and required OS-level updates. Where the engagement demands, we provision dedicated workstations per engineer.
Production environment posture (when we operate it)
When we own production environments for a client, we apply: encryption at rest and in transit, least-privilege IAM, MFA for all human access, automated patching, immutable audit logs, daily backups with point-in-time recovery (PITR), and runbooks for incident response.
Compliance-aware engineering
We architect with compliance posture in mind from day one — HIPAA-aligned data flows for healthcare, PCI-DSS scope minimisation for FinTech, SOC 2 readiness controls (audit logs, change management, access reviews) for B2B SaaS, GDPR / DPDP for any EU / India consumer flow.
Vendor management and sub-processors
We disclose any third-party sub-processors (LLM providers, payment processors, hosting) before engagement. Where the engagement requires it, we sign DPAs and confirm sub-processor security posture as part of the contract.
Incident response and disclosure
Internal incident response is documented. For any incident affecting client systems we operate, we notify the client within 24 hours of detection and provide a written post-mortem within 5 business days.
Code review and merge gates
All code requires a peer review before merge. Automated CI runs type-check, lint, test suite and security scanning (dependency vulnerabilities, secret detection). Production deploys require change tickets with approver sign-off.
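As an added illustration of the secret-detection gate mentioned above (this is example code written for this page, not NextGen Digital Craft's own tooling, which the page does not publish), the following Python scans the lines of a staged file for a few assumed secret patterns and uses Shannon entropy to separate real credentials from placeholders. The rule names, the `# gate:allow` allowlist marker, the entropy threshold and the sample lines are all assumptions constructed for the example; `AKIAIOSFODNN7EXAMPLE` is the placeholder access key ID from AWS's own documentation. A production gate would run a maintained scanner (gitleaks, trufflehog, detect-secrets) with a tuned ruleset; this shows the logic such a gate applies.

```python
"""Minimal pre-merge secret-detection gate (added example, not the page's tooling)."""
import math
import re
import sys
from collections import Counter

# Illustrative detectors; pattern choices are assumptions for this example.
PATTERNS = {
    # AWS access key IDs are "AKIA" followed by 16 upper-case alphanumerics.
    "aws_access_key_id": re.compile(r"\bAKIA[0-9A-Z]{16}\b"),
    "private_key_block": re.compile(r"-----BEGIN (?:RSA |EC |OPENSSH )?PRIVATE KEY-----"),
    # <keyword>... = "<value>" with a value at least 16 characters long.
    "generic_assignment": re.compile(
        r"(?i)(?:api[_-]?key|secret|token|password)[a-z0-9_]*\s*[:=]\s*['\"]?"
        r"([A-Za-z0-9+/=_\-]{16,})"
    ),
}

# Assumption: tune against the repository's false-positive rate.
ENTROPY_THRESHOLD = 3.5

# Lines a reviewer has explicitly allowlisted (e.g. unit-test fixtures).
ALLOW_MARKER = "# gate:allow"


def shannon_entropy(s: str) -> float:
    """Bits per character: random secrets score high, placeholders low."""
    if not s:
        return 0.0
    counts = Counter(s)
    n = len(s)
    return -sum((c / n) * math.log2(c / n) for c in counts.values())


def run_gate(lines, filename="<staged>"):
    """Return findings as (filename, line_no, rule, matched_text) tuples."""
    findings = []
    for no, line in enumerate(lines, start=1):
        if ALLOW_MARKER in line:
            continue  # suppression is explicit and visible in the diff
        for rule, rx in PATTERNS.items():
            m = rx.search(line)
            if not m:
                continue
            candidate = m.group(1) if m.groups() else m.group(0)
            # The generic rule also requires high entropy, so that
            # placeholders such as "xxxxxxxxxxxxxxxxxxxx" do not fire.
            if rule == "generic_assignment" and shannon_entropy(candidate) < ENTROPY_THRESHOLD:
                continue
            findings.append((filename, no, rule, candidate))
    return findings


# Constructed sample of staged lines; none of these are real credentials.
SAMPLE_DIFF = """\
DB_URL = os.environ["DB_URL"]
password: "{{ vault:db/prod/password }}"
api_key = "q7Gh2vNpL9xWm4Rt8KzBc3YdF6"
aws_access_key_id = "AKIAIOSFODNN7EXAMPLE"
password = "xxxxxxxxxxxxxxxxxxxx"
token = "AbCdEfGhIjKlMnOpQrSt"  # gate:allow  fixture for unit tests
-----BEGIN RSA PRIVATE KEY-----
""".splitlines()


if __name__ == "__main__":
    found = run_gate(SAMPLE_DIFF, "sample.py")
    for fname, no, rule, text in found:
        print(f"{fname}:{no}: {rule}: {text}")
    # Non-zero exit blocks the merge in CI.
    sys.exit(1 if found else 0)
```

Run as a CI step, a non-zero exit blocks the merge. The Vault reference on line 2 of the sample is deliberately not flagged: a reference to a secret is what should be committed, which is the point of keeping secrets in a KMS or Vault rather than in the repository.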
Right to audit
Enterprise clients have a contractual right-to-audit clause on engagements involving sensitive data. We support security questionnaires (SIG, CAIQ, custom) and accept on-site or remote audits as part of procurement.
Common compliance frameworks we work with
We're an engineering partner, not a certified auditor. We design and ship systems to meet these frameworks' control requirements, but the certifications themselves are issued to the client organisation by their auditors.
Questionnaires and audits we support
- SIG (Standardized Information Gathering) questionnaires
- CAIQ (Cloud Security Alliance) questionnaires
- Custom vendor security questionnaires
- Remote security audits with screen-share and document review
- On-site audits at our Hyderabad office (with notice)
Need our security pack for procurement?
We'll send a written security overview, completed SIG / CAIQ where applicable, and our sub-processor list. Drop us a note and reference your procurement timeline.