Transparency

Public commitments

Security, privacy, and the real state of our development — unfiltered.

Select a product

Infrastructure

Subprocessors

The following third-party providers have access to customer data as part of delivering our service. We update this list whenever we add or remove a provider.

Last updated: May 2026

Company Category Country Policy
BCCR BCCR
Digital signature infrastructure (GAUDI) Costa Rica bccr.fi.cr →
Cloudflare Cloudflare
DNS, CDN, DDoS protection United States cloudflare.com →
Stripe Stripe
Payment processing United States stripe.com →
Paddle Paddle
Merchant of record, subscriptions United Kingdom paddle.com →
Resend Resend
Transactional email United States resend.com →
Google Workspace Google Workspace
Corporate email, video calls, documents United States google.com →
Sentry Sentry
Error and performance monitoring United States sentry.io →

History

Changelog

Real development progress across products and platform.

Jun 2026

ArcaSign launched

Digital signature platform with legal validity in Costa Rica (Law 8454) available for businesses. Native BCCR integration via GAUDI.

May 2026

Public website launched

Website launched in production with bilingual support (ES/EN), blog, product pages, and this transparency page.

Security policy published

Infrastructure commitments, access control, secure development lifecycle, and responsible disclosure documented and made public.

ERP inventory module — Internal beta

Product management, batches, movements, and IAS 2 inventory valuation completed in test environment.

Apr 2026

Multi-company architecture implemented

Data and permission separation per company completed. Foundation for supporting business groups on a single instance.

Accounting module — Journal and ledger

Automatic journal entries, configurable chart of accounts, and real-time general ledger running in development environment.

RAG research started

First tests ingesting National Registry data and running semantic queries over cadastral maps.

Mar 2026

Authentication and access control

Granular roles and permissions system. Mandatory 2FA. Immutable audit logs per session and operation.

Base production infrastructure

Staging environment with TLS 1.3, automated encrypted backups, and production/dev environment separation.

Feb 2026

Technical architecture design

Stack definition, multi-company data model, security conventions, and CR regulatory compliance plan.