Encryption
All data is encrypted in transit and at rest using industry-standard protocols.
- TLS 1.3 for all data in transit
- AES-256 encryption at rest
- Encrypted database backups
- Secure key management via cloud HSM
Authentication
Robust identity verification ensures only authorised users access your data.
- Email and password authentication
- Multi-factor authentication (MFA) support
- SSO via SAML 2.0 (Enterprise plans)
- Session management with automatic timeout
Access Controls
Fine-grained permissions keep data visible only to those who need it.
- Organisation-level data isolation
- Role-based access controls (RBAC)
- Invite-code team management
- Audit logs of all user actions
Infrastructure
Hosted on world-class cloud infrastructure with built-in redundancy.
- Supabase (built on AWS) cloud hosting
- Automatic failover and high availability
- Geographic data residency options
- 99.9% uptime SLA (Enterprise)
GDPR & Compliance
We take regulatory compliance seriously and respect data privacy rights.
- GDPR-compliant data processing
- Data Processing Agreement (DPA) available
- Right to access, rectification, and deletion
- Data portability via export tools
Data Retention & Backup
Your data is backed up continuously and retained according to clear policies.
- Daily automated backups with 30-day retention
- Point-in-time recovery capability
- Data deleted within 30 days of account closure
- Export all data before cancellation at any time