Security and access

Access control and activity history built into the operating model.

TidalCap separates investor, representative, and administrator access while retaining the operational history needed to review document activity, sessions, consent, and data changes.

Infrastructure and data isolation

TidalCap runs on infrastructure that holds SOC 2 Type II certification, a third-party audit standard covering availability, confidentiality, and security. That certification belongs to the underlying infrastructure provider, not to TidalCap as an independent entity.

TidalCap builds its own access model on top of that foundation: authenticated sessions, role-aware routing, API checks, database helper functions, and database-level row policies on core investor operations tables.

CertificationSOC 2 Type II (infrastructure)
Encryption at RestAES-256
Encryption in TransitTLS
Access ControlRole and assignment scoped
Activity HistorySessions, consent, documents, changes

Access scoped to the real relationship

Investor access is matched to the authenticated user behind that investor record. Representative access is limited to clients assigned to that representative. Administrators have the broader operating view needed to manage funds, series, clients, representatives, documents, reports, and corrections.

The result is not just a hidden menu item. Access is enforced across the application and data layer so the three portal experiences can share one operating model without exposing the wrong records.

Four layers of protection

1

Authenticated sessions

Access begins with authenticated users and role-aware dashboard routing, so investors, representatives, and administrators land in the right experience.

2

Application checks

API route checks and database helper functions enforce role and assignment boundaries before sensitive investment, document, or reporting data is returned.

3

Database-level policies

Core tables use row-level access policies so investor and representative access is constrained at the data layer, not only in the user interface.

4

Operational history

Audit records, login/logout session activity, consent history, document-download state, and document activity help show what changed, what was accessed, and when.

Activity history

Investment teams need answers after documents go out, data changes, or clients ask what happened. TidalCap keeps a record of the operational history behind those workflows.

  • Data-change audit records with old and new values
  • Login and logout session activity
  • Consent history
  • Document-download status and timestamps
  • Document activity by investor, investment, fund, and series
  • Activity exports for operational review

Correction workflows

Real investment operations data changes. TidalCap includes correction paths so updates stay connected across authentication, investor, user, investment, series, and fund records.

  • Authentication, investor, user, and investment records stay aligned when client information changes
  • Investment changes can trigger recalculation of series investor counts and fund totals
  • Corrections preserve operational context instead of leaving silent data changes

Questions about access or audit history?

We can walk through the access model, document activity, correction workflows, and reporting history in a live product demo.