Tracts uses multiple layers of security. First and foremost the servers themselves follow the strictest of security and compliance guidelines. You can find more detailed information in the links below.
DigitalOcean security and compliance information can be found here: https://www.digitalocean.com/security/
Google Cloud Services security and compliance information can be found here: https://cloud.google.com/security/
Tracts uses a passwordless based login system. You can learn about how passwordless based systems work and their benefits here: https://auth0.com/blog/is-passwordless-authentication-more-secure-than-passwords/
All connections to servers are protected by SSL. All data transfers are encrypted. All data is protected by ACL (Access Control Lists) at the company level. All data is namespaced by company.