Midrung
Request demo
Trust • Starter 1.0

Built honest from the start.

Manufacturing software that tells you what it does — and what it doesn't do yet. Here's exactly where Midrung stands on security, compliance, and your data.

Security Privacy Terms

Security posture

Login
Sign in with your email. We never store your password — we use Amazon Cognito as the identity provider, the same service used by banks and healthcare apps.
Session safety
Short-lived login tokens that automatically refresh. If your laptop is stolen, a signed-out token stops working immediately. No cookies sitting around in old browsers.
Your shop is walled off
Every customer, part, and job is fenced to your organization at the database level — not just in the app. Other shops can't see your data. Ever.
Encryption
All data encrypted in transit (TLS 1.2+) and at rest (AES-256) in AWS. Document attachments use separate encryption keys and signed URLs.

Export control boundary

Midrung Starter is not certified for ITAR, CUI, FedRAMP, DFARS, or CMMC workloads. If you have regulated defense data, talk to us before loading it — those environments are on the OS roadmap, not shipping today.

Regulated data Not supported Don't load ITAR/CUI today Quality records AS9100 / ISO friendly Not ourselves certified

Compliance posture

Midrung supports the record-keeping that AS9100 and ISO-certified shops expect — routings, inspection plans, part revisions, document attachments, and audit history. We're not ourselves certified today, and we won't pretend otherwise.

Your data is yours

Export every customer, part, job, and shipment to CSV anytime. Cancel and your workspace goes read-only — we don't delete your records, and we don't hold your data hostage.

Legal surfaces

This page summarizes product and security boundaries. For legal terms, see the dedicated pages.

Privacy Terms

What Starter doesn't do (yet)

Honest about scope. These belong to Control, OS, or later releases.

  • Multi-company consolidations.
  • External customer or supplier portals (coming in OS).
  • ITAR, CUI, FedRAMP, DFARS, or any government-regulated workload.
  • Genealogy-grade serial or lot traceability.
  • Full CAPA, calibration management, governed NCR/DMR workflows, controlled documents, training, or qualification tracking.
  • Advanced finite-capacity scheduling, ATP/CTP simulation, governed audit packets, or autonomous AI decisioning.
  • Named third-party integrations we haven't explicitly shipped and tested.

Have a regulated or multi-site requirement?

Talk to us on the demo call. We'll tell you whether your requirement fits Starter today, is on the Control or OS roadmap, or isn't Midrung at all.

Request demo See roadmap