Security
Last updated: May 2026
The security of the emotional and relational data you entrust to us is a fundamental responsibility. Profil-e applies the principles of defense in depth, least privilege and encryption by default across its entire technical chain, and hosts its data in Canada in accordance with the requirements of Law 25.
1. Our commitment
We are committed to maintaining a level of security aligned with industry best practices for clinical psychometric tools. Data is hosted exclusively in the AWS ca-central-1 region (Montreal) to respect the data residency required by Quebec's Law 25. No personal or clinical data leaves Canadian territory in the normal course of operations.
2. Architecture
The platform is designed using a multi-tenant model with subdomain isolation for client firms. Data at rest is encrypted with AES-256 (keys managed via AWS KMS). Communications in transit are protected by TLS 1.3 with modern cipher suites. Psychometric services are isolated behind bewell-engine, which is accessible only via a per-client API key.
3. Hosting
Infrastructure runs on Amazon Web Services in the ca-central-1 region (Montreal and Laval). Critical components (database, queues, psychometric computation) are deployed across multiple availability zones to ensure service continuity and resilience. No subcontractor has access to data in cleartext.
4. Clinical firewall
Raw questionnaire responses and individual scores are stored encrypted within bewell-engine and are accessible only to authorized clinical roles (responsible certified coach, clinical psychologist). Employers and managers only access aggregated or anonymized data, with a strict minimum aggregation rule of 5 responses per group to prevent re-identification.
5. Authentication
Authentication uses NextAuth with bcrypt hashing at 12 rounds for passwords. Multi-factor authentication (MFA, TOTP) is mandatory for administrative and clinical roles and strongly recommended for all certified coaches. Sessions are signed via short-lived JWTs. Failed authentication attempts are monitored and rate-limited.
6. Audit and logging
Any read or modification of individual clinical data is logged in an immutable audit log including the identity of the user, timestamp, IP address and action performed. Audit logs are retained for seven (7) years in accordance with the ethical requirements applicable to psychometric materials in Quebec.
7. Backups
Databases are backed up daily in encrypted form, with cross-availability-zone replication. Backups are retained on a 35-day rotation and tested regularly through restore drills. No backup is extracted outside the ca-central-1 region.
8. Incident response
In the event of a confidentiality incident presenting a risk of serious harm, Profil-e notifies the Commission d'accès à l'information du Québec as well as the affected individuals as soon as possible and no later than 72 hours after becoming aware of the incident, in accordance with Law 25. An incident register is maintained and made available to the supervisory authority upon request.
9. Penetration testing
An external security audit (grey-box penetration test and OWASP-oriented code review) is performed annually by an independent firm. Critical fixes are deployed within 30 days. The general conclusions of the latest audit are communicated upon request to client firms under a confidentiality agreement.
10. Report a vulnerability
Profil-e applies a responsible disclosure policy. If you identify a vulnerability, write to security@profil-e.ca with a detailed description, reproduction steps and, where possible, a proof of concept. We commit to acknowledging receipt within 48 hours and to coordinating a reasonable disclosure timeline. No legal action will be taken against good-faith researchers who comply with this policy.