How we protect your data and ensure regulatory compliance across our platform.
Enterprise-grade protections built into every layer of Hisbuu.
All data transmitted between your browser and our servers is encrypted using HTTPS with TLS 1.2+ protocols. API communications are secured with token-based authentication.
Uploaded documents and sensitive files are stored outside the public web directory. CDN-hosted files use signed URLs with expiration controls. Database credentials are never exposed in client-side code.
Designed to meet regulatory and operational requirements in the GCC.
Each organization's data is logically isolated at the application level. Admins and drivers from one tenant cannot access, view, or modify data belonging to another organization — even on shared infrastructure.
Complete audit trail for all critical operations — submission approvals, payout processing, document verification, and status changes. Every action is timestamped and linked to the user who performed it.
Structured document collection with expiry tracking for Civil IDs, driving licenses, and vehicle registrations. Automated reminders for expiring documents ensure ongoing compliance with local regulations.
For organizations requiring data to remain within specific jurisdictions, our Enterprise and self-hosted plans support on-premise deployment — giving you full control over where your data lives.
Granular role-based permissions ensure each team member only accesses what they need. Finance admins see payouts, supervisors see submissions, drivers see only their own data. Principle of least privilege enforced.
Export your data at any time in standard formats (CSV, Excel). Upon contract termination, we provide a full data export within 30 days and permanently delete your data from our systems thereafter.