Security

Security practices for teams that need clarity, not fluff.

Gravitask is built to keep project data private, permissions understandable, and infrastructure manageable as teams grow.

UK-hosted infrastructure

Gravitask runs on Microsoft Azure infrastructure and is configured for UK hosting so teams can keep work management data close to home.

Encrypted transport and managed secrets

Traffic is served over HTTPS, and application secrets are managed through Azure Key Vault instead of being baked into client code.

Workspace-aware permissions

Projects, memberships, and collaboration features are scoped to workspaces so teams can share what they need without exposing everything.

What this means in practice

Application controls

Authentication, workspace membership, project sharing, task collaboration, and billing access all flow through scoped application permissions instead of one flat access model.

Operational controls

Supporting services such as email delivery, blob storage, and hosted application workloads are kept behind managed Azure infrastructure and deployment pipelines.

Related documentation

Privacy Policy

Read how personal data is stored, processed, and retained.

Terms & Conditions

Review account, billing, and acceptable-use commitments.

Try Gravitask

See how workspace permissions and collaboration behave in the live product.