Security
Your data,
treated like it matters.
Postgres row-level security. 5-layer tenant isolation defence. UK hosting. Magic-link auth with optional 2FA. Audit log on every action. Built by an operator who understands what's at stake when customer data leaks.
UK
Data residency · London (eu-west-2)
5x
Tenant isolation defence layers
24/7
Sentry error tracking · auto-paged
∞
Audit log retention · Business+
Defence in depth
5-layer tenant isolation.
No single layer is trusted. A bug in app code, a misconfigured RLS policy, a leaked magic-link — each is contained by the next layer. Combined, the surface is harder than the surface of a single-tenant install.
01
URL gate
/app/[slug] layout verifies membership before render
02
tenantClient
Helper auto-applies tenant_id on every Supabase call
03
Postgres RLS
is_workspace_member() check via auth.uid() join
04
service-role rule
4 sanctioned cases only · ESLint-enforced
05
Regression suite
12-test SQL + 10-scenario manual checklist
UK hosting
Supabase London (eu-west-2). Your customer data stays in the UK. Documented under the UK→EU adequacy decision.
Magic-link auth
15-min single-use tokens. Optional 2FA on Pro. Required on Business+. Sign-out-everywhere via Supabase admin API.
Audit log
Every action (create / update / archive / payment / sign-off) lands an immutable audit row with actor + IP + UA + payload_diff.
Daily backups
Point-in-time recovery on Supabase Pro. 7-day retention. Per-workspace export available on request.
Sentry + Cloudflare
Errors auto-paged via Sentry. Cloudflare WAF in front (DNS-only currently, proxied post-launch).
GDPR-friendly
Polish controller (MRJ). DPA available on request. Right-to-erasure honoured via /settings/general delete + cron purge.
Roadmap
Coming soon
- SSO (Google Workspace + Microsoft 365) on Enterprise
- SOC 2 Type II reports available to Enterprise customers once attained
- External penetration test + summary report published