pencild
For Artists For Studios
Pricing News
Log in Start your free trial

Professional-grade security for your business

Your client data deserves the same level of care as your artwork. pencild protects every record with per-user encryption, strict data isolation, and two-factor authentication.

Your data is encrypted

Every user has their own unique encryption key. Over 60 fields are encrypted at rest -- including email content, phone numbers, addresses, notes, financial information, Instagram messages, and connection tokens. All traffic is served over HTTPS.

Email content.
Subject lines, body text, and message snippets are encrypted before storage.
Phone numbers and addresses.
All client contact information is encrypted with your personal key.
Personal notes.
Client notes, project details, and session records are encrypted at rest.
Financial information.
Payment details and deposit records are encrypted.
Instagram messages.
Your Instagram DM content is encrypted at rest.
Files encrypted at rest.
All uploaded files and documents are encrypted in storage.

Authentication

Secure access to your account

Strong authentication protects your account from unauthorised access. Two-factor authentication adds an extra layer of security.

Two-factor authentication.
TOTP-based 2FA works with apps like Google Authenticator. 10 backup codes provided.
Strong password requirements.
Minimum 10 characters with uppercase and special character requirements.
Rate limiting on login.
Brute-force protection limits login attempts to keep your account safe.
2FA-gated features.
Sensitive actions like ID document capture require active two-factor authentication.
Email-based login.
Secure, straightforward email-based authentication.
HTTPS enforced.
All connections are encrypted in transit. No exceptions.

Data isolation

Your data is completely isolated

Every query is scoped to your user account. Studios can only access artist data through explicit permissions that artists control.

User-scoped data access.
Every data request is filtered to your account. Your data is yours alone.
No cross-user access.
One user cannot access another user's data. Ever.
Studio boundaries respected.
Studios see only what artists explicitly share. Artists control the permissions.

GDPR compliance

Built for data protection

pencild is designed with GDPR compliance at its core. Personal data is encrypted, consent is tracked, and you have full control over your data.

All personal data encrypted.
Standard and special category data (like health questionnaires) are encrypted at rest.
Consent timestamps recorded.
Every consent action is timestamped and stored for compliance.
Right to erasure.
Soft delete with 30-day recovery period, then permanent deletion. No data lingers.
Data portability.
Bulk export your data anytime. Consent forms and ink passports export in ZIP format.
Immutable audit trail.
ID document access and studio data access are logged in an audit trail that cannot be altered.
Explicit consent capture.
GDPR-compliant consent collection with clear opt-in and timestamp recording.

Your control

Delete or export anytime

Your data belongs to you. Export it or delete it whenever you want.

Export your data.
Download everything anytime. Full data portability.
Delete with 30-day recovery.
Soft delete gives you a safety net in case you change your mind.
Permanent deletion after grace period.
After 30 days, data is permanently removed. Gone forever.

Professional tools, professional security

Per-user encryption, two-factor authentication, and GDPR compliance. Your data is protected.

Start your free trial View pricing

14-day free trial. Add a card to extend to 30 days.