Security Policy

SalesTrackLive

Security Document

Security Policy

Your data security is our top priority. Learn about our comprehensive security measures and practices.

Last updated: October 2025

Our Security Framework

We implement industry-leading security measures to protect your business data and ensure platform integrity.

Supabase Backend Security

Enterprise-grade database and authentication security

  • Supabase PostgreSQL with built-in encryption
  • TLS/SSL encrypted connections to database
  • Row Level Security (RLS) policies on all tables
  • Secure API key management for integrations
Authentication & Access Control

Multi-role authentication and authorization

  • Supabase Auth with email/password authentication
  • Role-based access (Admin, Manager, Merchandiser)
  • Session management with automatic token refresh
  • API key authentication for CRM integrations
Data Protection & Privacy

Comprehensive data protection measures

  • Multi-tenant data isolation by admin_id
  • User data encryption in transit and at rest
  • Automatic database backups and point-in-time recovery
  • GDPR-compliant data handling practices
API & Integration Security

Secure API endpoints and external integrations

  • Authenticated API routes with user verification
  • API key-based authentication for CRM systems
  • Rate limiting and request validation
  • Secure webhook handling for external services
Incident Response

In the event of a security incident, we have established procedures:

  • Supabase built-in security monitoring and alerts
  • Automatic database backup and recovery procedures
  • User session monitoring and anomaly detection
  • API rate limiting and abuse prevention
  • Regular security updates and patch management
  • Incident logging and audit trail maintenance
Data Protection

Supabase Backup & Recovery

  • • Automated daily database backups
  • • Point-in-time recovery capability
  • • Cross-region backup replication
  • • Disaster recovery procedures

Data Privacy & RLS

  • • Row Level Security on all tables
  • • Multi-tenant data isolation
  • • User data deletion capabilities
  • • GDPR-compliant data handling

Security Certifications & Compliance

Supabase

Enterprise PostgreSQL Platform

RLS Policies

Row Level Security Controls

GDPR

Data Protection Compliance

API Security

Authenticated Endpoints

Security Concerns?

Report security vulnerabilities or concerns to our dedicated security team.