Security
Kicklayer is built for agencies that collect project files, access details, approvals, and client information before work begins. Security work is ongoing, but these are the principles the product is designed around today.
Credential collection
Agencies should prefer platform invitations where possible. When a client needs to submit access details directly, Kicklayer keeps those requests in the onboarding workflow instead of scattering them across email threads.
Access control
Client portals use non-guessable access links and agency-side authorization. Private dashboard routes are not meant to be indexed and remain behind authenticated app flows.
Retention and deletion
Agencies should remove or rotate access that is no longer needed after a project. Kicklayer’s product direction is to make cleanup and auditability visible instead of leaving sensitive details buried in old messages.
Questions
For security questions, contact support@kicklayer.com.