Security
Knockt holds the numbers your reps get paid on. We treat that data the way the commission itself should be treated — protected, isolated, and auditable to the cent.
Every company's data is isolated at the database level with row-level security, enforced independently of the application code. Your reps, sales, and customers are never visible to another workspace.
TOTP-based 2FA (Google Authenticator, Authy, and others) is available to any user. Pro workspaces can require it for every manager and rep.
All traffic is served over TLS, and data is encrypted at rest by our infrastructure providers. Card details are handled by Stripe — we never store them ourselves.
Commission entries are append-only. Nothing is silently edited or deleted — every accrual, clawback, and adjustment stays traceable, so payroll is always defensible.
Knockt runs on Supabase (PostgreSQL on AWS) and Vercel's edge network — both SOC 2 compliant, hosted in the United States.
Export your full workspace anytime. If you cancel, you have 30 days to export before deletion. We never sell your data, and we set only strictly necessary cookies.
We process data under GDPR and honor CCPA rights, and we never sell personal data. See our Privacy Policy and the full subprocessors list. A DPA is available on request.
Found something? We appreciate responsible disclosure. Email support@knockt.app and we’ll respond quickly.
Start free in minutes, or take a one-click tour with live sample data. No credit card required.