Built for a platform that holds legal evidence.

An append-only, tamper-evident record

Every action, document approval, gate scan, override and state change, is written to an append-only audit log. Each entry is cryptographically chained to the one before it with SHA-256. Any attempt to alter a past record breaks the chain and is detectable. Approved documents are never edited or deleted in place; a change creates a new record and preserves the original.

This matters because contemporaneous records carry far greater evidentiary weight than ones reconstructed after an event. The record is made as the work happens, and it cannot be quietly rewritten later.

No destructive shortcuts

There are no maintenance or reset scripts in the web root that can clear or rewrite the audit history. Any state-clearing operation is restricted to authenticated server-side access only.

Checked at the source, not on trust

Company status, LBP licences, and electrical, plumbing and gas registrations are verified live against the MBIE, EWRB and PGDB government registers, with insolvency cross-checks against the Insolvency Register. The platform does not rely on a PDF someone emailed.

The controls underneath

• HTTPS enforced across all traffic, with HSTS preloading.
• Parameterised database queries throughout, to prevent SQL injection.
• Output consistently escaped, with a Content Security Policy limiting script execution to approved origins.
• Role-based access control inside each company, so legally significant actions are limited to authorised users.
• Rate limiting and per-account lockout on public endpoints, to resist brute-force and credential-stuffing.
• Outbound integrations protected against server-side request forgery, with the resolved address pinned to defeat DNS rebinding.
• All credentials and API keys held outside the web root, never in source.
• No third-party analytics or tracking. Connections are limited to the functional services the platform needs.

New Zealand data, minimised and isolated

Personal information is collected only for verifying identity and maintaining the legally required record, in line with the Privacy Act 2020. Data is isolated within each principal-and-contractor relationship: a principal sees only the documents their requirements call for, not a contractor's full file. Data is hosted in New Zealand.

Responsible disclosure

If you believe you have found a security issue, please contact operations@trustpoint.nz. We will acknowledge and work with you to resolve it.