Official Pausier Business domain
Official business site: https://business.pausier.com. Personal Pausier site: https://www.pausier.com.
Security
Pausier Business security and trust.
A public security overview for organisations reviewing Pausier Business for business, public-sector, partner, care, and enterprise use.
Official business site: https://business.pausier.com
Personal Pausier site: https://www.pausier.com
Security contact: security@pausier.com. Support contact: support@pausier.com.
Privacy / DPA route: use the business contact route until a client-specific legal contact is agreed. DPA templates require legal review before client signature.
Security contact
Security contact: security@pausier.com. Support contact: support@pausier.com. Privacy and DPA questions should use the business contact route until a client-specific legal contact is agreed.
Decision-support boundary
Pausier Business helps teams pause, check, review, decide, and record before acting. It does not replace banks, police, regulators, emergency services, legal advice, financial advice, safeguarding authorities, or official verification routes.
No sensitive credentials rule
Pausier must not ask for passwords, OTPs, full card numbers, bank logins, private keys, recovery phrases, or unnecessary sensitive financial details.
Tenant and role boundaries
Business data is scoped by organisation tenant. Owner, manager, worker, operator, and partner-route surfaces are separated by route and role checks.
Business owner / manager / worker access model
Owners manage setup and oversight, managers review team decisions, and workers create checks and records. Operator tools are internal Pausier surfaces, not normal customer pages.
Partner integration security boundary
Partner routes require approved onboarding, exact route configuration, support ownership, data-boundary acceptance, sandbox validation, and production approval.
API / Webhook / SDK security approach
Partner API keys are treated as server-side credentials, webhook signing uses approved endpoint metadata, and SDK/deep integrations use a partner backend or short-lived token model rather than long-lived client app keys.
Data minimisation
Pausier Business records only the context needed for decision support, review, history, support handoff, and approved integration flows.
Audit/history model
Checks, reviews, outcomes, case history, support tickets, partner events, and operator actions are designed to create an accountable record without certainty labels.
Incident reporting
Security and operational incidents should be reported through security@pausier.com or the approved support route for triage and response.
Vulnerability reporting
Responsible disclosure should go to security@pausier.com with reproduction steps, affected route, and safe evidence only.
Data retention/deletion readiness
Retention, deletion, and export workflows are documented as readiness controls and require approved operational/legal review before customer contract use.
Privacy, DPA, and subprocessor readiness
Pausier Business maintains source-level data-map, DPA-readiness, retention/deletion/export, and subprocessor-readiness documents. Templates require legal review before client signature.
What Pausier does not do
Pausier does not guarantee outcomes, prove fraud, prove safety, replace emergency or official routes, request sensitive credentials, or publish unapproved partner/customer claims.
Security roadmap without unsupported certification claims
The roadmap tracks security review, monitoring, incident response, DPA readiness, subprocessor review, and enterprise assurance work. Public certification or approval claims require real evidence before publication.