Security & Trust Center

Self-hosted means your data never leaves your network

Temps runs entirely on infrastructure you own. No DPA to negotiate, no subprocessors to review, no vendor-side breach exposure. Most of your standard vendor questionnaire simply doesn't apply — and we've pre-filled the rest.

What your vendor review looks like

A SaaS platform processes your data on their servers. Temps doesn't — and that removes most of the checklist before you start.

Review item
Typical SaaS vendor
Self-hosted Temps
Data Processing Agreement (DPA)
Required — vendor processes your data
Not applicable — no data ever reaches us
Subprocessor review
Review vendor's full subprocessor chain
Zero subprocessors — nothing to review
Data residency
Negotiate regions, hope for the best
Your servers, your region, by definition
Vendor breach exposure
Their incident is your incident
No shared tenancy, no vendor-side data at risk
Vendor outage impact
Their downtime is your downtime
Runs with zero dependency on our servers
Exit / lock-in risk
Data export at vendor's discretion
Standard PostgreSQL + OCI containers you already own

Security properties you can verify, not just trust

Every claim below is checkable in the open-source code or in your own deployment. No “trust us” required.

Your data never leaves your network

Analytics, session replays, error reports, logs, and metrics are stored in your own PostgreSQL database, on your own hardware. Temps has no access — not optionally, architecturally.

Secrets encrypted at rest

Application secrets and credentials are encrypted by a built-in encryption service before they touch the database. The encryption key is generated at install time and only you hold it.

Telemetry is opt-in, off by default

Zero phone-home unless you explicitly enable it. The full event list is documented and auditable in the open-source code — verify it yourself instead of trusting a policy page.

Automatic TLS everywhere

Certificate issuance and renewal via ACME / Let's Encrypt, including DNS-01 for wildcard and internal setups. No expired-cert incidents, no manual rotation.

Open source and auditable

Dual-licensed Apache-2.0 / MIT. Your security team can read every line, build from source, and pin the exact commit you deploy. If we disappeared tomorrow, you keep running.

Memory-safe by construction

The entire platform is written in Rust, eliminating the buffer overflows and memory-corruption bugs behind a large share of critical CVEs in C/C++ infrastructure.

Scoped API keys

Programmatic access uses API keys restricted by role-based permissions, so CI pipelines and scripts get exactly the access they need and nothing more.

Runs fully air-gapped from us

Temps can operate inside a private network with no public exposure and no outbound dependency on temps.sh. Perfect for internal tools that must stay internal.

One vendor review instead of six

Temps replaces the separate deployment, analytics, session replay, error tracking, and uptime tools your team would otherwise buy — each with its own questionnaire, DPA, and breach surface.

Vercel

Deployments

Sentry

Error tracking

PostHog

Analytics

FullStory

Session replay

Pingdom

Uptime monitoring

Five security reviews your team doesn't run

One binary, one audit surface, one attack surface to reason about — instead of five SaaS vendors each holding a slice of your production data.

Our compliance posture, stated honestly

Temps is not SOC 2 certified, and we'd rather tell you that on this page than let you find out three weeks into procurement. Here's why it matters less than you'd expect: SOC 2 attests to controls over vendor-operated infrastructure. In a self-hosted deployment there is none — your data is processed exclusively by your own infrastructure, under the certifications and controls you already maintain.

What we provide instead is everything your team needs to complete its own diligence:

Security review questions we haven't answered here? Email [email protected] — we respond to review inquiries within 2 business days.

Need enterprise-grade controls?

The Enterprise edition adds the identity and accountability layer larger organizations require — plus a commercial support agreement, so there's a real vendor relationship behind your deployment.

  • SAML single sign-on with your existing identity provider

  • SCIM user provisioning and deprovisioning

  • Tamper-evident, hash-chained audit logs

  • Support contract with a named escalation path

Skip the questionnaire ping-pong

Download our pre-filled vendor security questionnaire (CAIQ-Lite style) and hand it straight to your security team. Every answer is written for a self-hosted deployment — honestly, including what's your responsibility and what's ours.

Free download. No sales calls — this document exists so your security review takes days instead of months.