Trust & security
Security & data protection at workro desk
How workro desk protects your data: workspace isolation, role-based access, encryption in transit and at rest, DPDP-aware privacy, free data export, and no selling or AI-training on your data.
Your data stays yours
workro desk is built around data ownership. Import your assets and records by CSV and export everything back to CSV at any time — there is no lock-in. If you ever leave, you take your data with you, and we delete your workspace data on request.
Never sold, never used to train AI
Your workspace data is yours alone. We do not sell it, share it with advertisers, or use it to train AI models. Each workspace is isolated from every other tenant, so your tickets, assets and contracts are never visible outside your team.
Role-based access control
Access is limited to the Owner and the Admins you invite, on a least-privilege basis. Public ticket submission and tracking links are deliberately scoped — they let staff raise and follow a request without seeing the rest of your workspace, and those pages are excluded from search indexing.
Encryption in transit and at rest
All traffic to workro desk is served over HTTPS/TLS, so data is encrypted in transit. Your data is stored in a managed PostgreSQL database with encryption at rest, and access to production systems is restricted and logged.
Reliable, backed-up infrastructure
workro desk runs on managed cloud infrastructure with automated database backups, so your records are durable. Administrative areas and APIs are explicitly marked no-index and protected behind authentication.
Privacy built for India (DPDP-aware)
We designed workro desk with India's Digital Personal Data Protection (DPDP) Act in mind: clear consent records with a versioned privacy notice, data minimisation, and the ability to export or delete personal data on request. See our privacy policy for the full notice.
Security FAQ
Is my data sold or used to train AI?
No. workro desk never sells your data, shares it with advertisers, or uses it to train AI models. Each workspace is isolated from every other customer.
Is workro desk DPDP compliant?
workro desk is built to align with India's Digital Personal Data Protection (DPDP) Act: we keep versioned consent records, minimise the data we collect, and let you export or delete personal data on request. Review our privacy policy for the full notice, and contact us for a data-processing discussion.
Can I export or delete my data?
Yes. You can export your assets and records to CSV at any time with no lock-in, and we delete your workspace data on request when you leave.
Is my data encrypted?
Yes. Traffic is encrypted in transit over HTTPS/TLS, and your data is stored in a managed PostgreSQL database with encryption at rest.
Who can access my workspace?
Only the Owner and the Admins you invite. Public submit and track links are scoped so staff can raise and follow tickets without seeing the rest of your workspace.
Where is my data hosted and can I request residency details?
workro desk runs on managed cloud infrastructure with automated backups. For specific hosting region, data-residency or data-processing agreement (DPA) questions, contact us at support@workro.in.
Questions about security or data protection? We are happy to help.