Associations trust PowerAMS with member records, payment history, and event registrations. Here's how we keep that data safe.
PowerAMS runs on enterprise cloud infrastructure with isolated network environments, hardened images, and 24/7 monitoring. Production data lives in encrypted data stores backed up daily.
All connections to PowerAMS — web app, mobile app, and APIs — use TLS 1.2 or higher. HSTS is enforced on app.powerams.com.
Customer data, including database contents and backups, is encrypted at rest using AES-256.
Card processing runs through MXMerchant. Card numbers are tokenized at the processor — PowerAMS does not store full card details. Payments are PCI DSS compliant via the processor.
We maintain a documented incident response plan. In the event of a security incident affecting customer data, we will notify affected customers without undue delay and provide the information they need to comply with their own legal obligations.
Report a suspected vulnerability or incident to info@powerams.com.
We're happy to share our current SOC 2 status, security questionnaire (CAIQ), and DPIA materials under NDA. Contact info@powerams.com to request them.
Customers are responsible for keeping their staff credentials secure, enabling multi-factor authentication where available, and using the platform's role-based access controls to scope staff appropriately.