Secure by default
SOC 2 Certified

  • SOC 2 Type 1 Certified
  • Private HTTPS tunneling via CONNECT
  • End to End Data Encryption
  • Secure Infrastructure
SOC 2 Type 1 Certified by Thoropass


End to End Encryption

We provide industry-standard encryption at rest (AES-256) and in transit (HTTPS/TLS).


Private Connection

For HTTPS traffic, our proxies use HTTP CONNECT tunneling to establish an end-to-end encrypted tunnel directly between your client and the destination server. Neither Fixie nor any third party can inspect the contents of your HTTPS requests.


Data Minimization

We collect only essential metadata for operations and never store the content of proxied traffic.


Role-Based Access Control

Customizable collaborator permissions to control who can create proxies, invite new collaborators and more.


Hardened Infrastructure

Organization-wide audit logging, automated threat detection with real-time security alerting, private network with strict access control, and encrypted point-in-time backups.


Application Security & Reliability

Continuous vulnerability scanning, automated patch management, and comprehensive monitoring with real-time security alerting.

Frequently Asked Questions

What data do you store?

We store minimal data required to operate the service, such as connection logs (e.g., timestamps, IP addresses), and usage metrics. We do not inspect or retain the content of proxied traffic. Connection logs are automatically deleted after 7 days.

Is your data encrypted?

Yes. All sensitive data at rest and in transit is encrypted using industry-standard encryption protocols (e.g., AES-256 for data at rest, TLS 1.2+ for data in transit).

Does the proxy use CONNECT tunneling?

Yes. Our proxy supports HTTP CONNECT tunneling, which allows secure end-to-end communication between your client and the destination server. Neither Fixie nor any third party can access the contents of your traffic.

How can I report security issues?

Please email any suspected vulnerabilities or security concerns to our Contact Us page. We appreciate responsible disclosure and will respond promptly.

Do you have a data retention policy?

Yes. Logs and related metadata are retained only as long as necessary for operations, typically no longer than 7 days. Historical monthly usage data is retained indefinitely.

What compliance frameworks do you follow?

We are SOC 2 Type 1 certified and follow industry-standard security frameworks including NIST and CIS Controls. We maintain comprehensive audit trails, have formal incident response procedures, and conduct disaster recovery drills. Contact us to request our SOC 2 report.

Over 50 example integrations for the most popular languages

JavaScript, Java, Ruby, Python, Elixir, Go, and many more.