I have a question about security implementation nuances

Hello everyone. I have probably quite noob question.

So, if I have an account on Fibery, does it mean that I am the only Admin of my workspace, who has access to workspace’s data? Or is there some SuperAdmin, like Fibery Dev, who can have access to all workspaces, without knowing or consent of users?

In other words, no one else except me, even from Fibery team, has acces to my workspace data, since backend database is encrypted with my login password?

Generally speaking, I don’t know if the apps like fibery, notion, airtable (which are looking the same to me in said context) is secure against internal human factors, so that it’s as safe to store on them any sensitive data as on local PC hard drive. I’m not talking about external hackers right now.

I fully understand, that normally the answer to this question will be “yes we can”. But I know about databases that they always have some form of account permission policies, more strict than simple access restriction on local files via Windows tools. That’s why I’m asking this question - like, are these kinds of software somehow different from Google Drive, which is basically just a hard drive on a remote PC.

Hi, we are in the process of SOC 2 certification so we are taking security seriously. Fibery data is encrypted at rest, but technically some engineers from Fibery team can access it with your permission. Without your permission our internal policy don’t allow to access your data.

I guess the internal policy isn’t hard-coded, am I right? In a way that this permission is technically required for access, like in the process of integration some third-party tools: “Do you agree to give access to servicename?”