Access control and activity history built into the operating model.
TidalCap separates investor, representative, and administrator access while retaining the operational history needed to review document activity, sessions, consent, and data changes.
Infrastructure and data isolation
TidalCap runs on infrastructure that holds SOC 2 Type II certification, a third-party audit standard covering availability, confidentiality, and security. That certification belongs to the underlying infrastructure provider, not to TidalCap as an independent entity.
TidalCap builds its own access model on top of that foundation: authenticated sessions, role-aware routing, API checks, database helper functions, and database-level row policies on core investor operations tables.
Access scoped to the real relationship
Investor access is matched to the authenticated user behind that investor record. Representative access is limited to clients assigned to that representative. Administrators have the broader operating view needed to manage funds, series, clients, representatives, documents, reports, and corrections.
The result is not just a hidden menu item. Access is enforced across the application and data layer so the three portal experiences can share one operating model without exposing the wrong records.
Four layers of protection
Authenticated sessions
Access begins with authenticated users and role-aware dashboard routing, so investors, representatives, and administrators land in the right experience.
Application checks
API route checks and database helper functions enforce role and assignment boundaries before sensitive investment, document, or reporting data is returned.
Database-level policies
Core tables use row-level access policies so investor and representative access is constrained at the data layer, not only in the user interface.
Operational history
Audit records, login/logout session activity, consent history, document-download state, and document activity help show what changed, what was accessed, and when.
Activity history
Investment teams need answers after documents go out, data changes, or clients ask what happened. TidalCap keeps a record of the operational history behind those workflows.
- Data-change audit records with old and new values
- Login and logout session activity
- Consent history
- Document-download status and timestamps
- Document activity by investor, investment, fund, and series
- Activity exports for operational review
Correction workflows
Real investment operations data changes. TidalCap includes correction paths so updates stay connected across authentication, investor, user, investment, series, and fund records.
- Authentication, investor, user, and investment records stay aligned when client information changes
- Investment changes can trigger recalculation of series investor counts and fund totals
- Corrections preserve operational context instead of leaving silent data changes
Questions about access or audit history?
We can walk through the access model, document activity, correction workflows, and reporting history in a live product demo.