Security

Security for private agency work.

Next11 is designed for confidential player, club, contract, document, and deal workflows. This page explains how we think about access, data protection, auditability, and security reviews.

What we protect

Confidential work stays visible to your team, not scattered across tools.

Player files

Profiles, history, documents, and workspace notes.

Contracts

Mandates, drafts, reviews, and signature status.

Medical & compliance

Sensitive eligibility, medical, and compliance records.

Club contacts

Decision-makers, cadence, payments, and relationship context.

Community requests

Shared brief context with controlled private response data.

Internal notes

Follow-ups, reminders, recruitment notes, and review context.

Clerk-protected authentication

Sign-in, protected workspace routes, and CRM APIs are backed by Clerk authentication and organization-aware access checks.

Confidential document controls

Sensitive files can be marked confidential, helping teams handle contracts, medical files, compliance records, and recruitment paperwork with clearer visibility controls.

Private request data

Community briefs can share the request context while keeping private contact details and agency-specific responses controlled.

Audit-ready workflows

Version history, document status, review trails, and timestamped activity help teams reconstruct what changed and when.

Security approach

Controls that match agency risk.

The priority is clear: keep private agency work protected, accountable, and reviewable before deadline pressure starts.

Least privilege

Keep access scoped to the workspace, role, and workflow where the work happens.

Protected workspaces

Route private agency screens and CRM APIs through authenticated, organization-aware checks.

Confidential records

Treat mandates, contracts, player files, club contacts, and recruitment notes as sensitive by default.

Reviewable activity

Preserve status, version, and activity context so security and operations reviews have a trail.

Careful vendor handling

Discuss subprocessors, data handling, and review materials during rollout before sensitive workflows go live.

Security review FAQ

Clear answers before rollout.

Can we review security before rollout?

Yes. Use the security contact path before rollout so your agency can review authentication, workspace access, document handling, and data questions before live work moves into Next11.

How are confidential documents handled?

Sensitive files can be marked confidential so teams can identify contracts, player documents, medical records, compliance files, and recruitment paperwork that need controlled handling. This page does not promise uploader-only or per-user-only document access.

What happens to confidential information in community requests?

Community briefs can share the request context needed for collaboration while private contact details and agency-specific responses remain controlled. The goal is to collaborate without exposing every internal detail.

How is authentication protected?

Private workspace routes and CRM APIs are protected by Clerk-backed authentication and organization-aware checks before users can access agency data.

Do you have SOC 2 or ISO 27001?

Not published yet. We avoid claiming certifications before they are complete, and available security materials can be discussed during rollout review.

Security review

Need a security review before rollout?

Review common security questions or join the waitlist when your agency is ready to discuss rollout.