Security & Trust First

Your business invoicing and customer records are isolated at the database layer. We enforce PostgreSQL Row-Level Security (RLS) policies, ensuring that one tenant can never access or query another tenant’s data under any condition.

All network connections are encrypted using TLS 1.3. Your database logs, credentials, and client directories are encrypted at rest using AES-256 standards, protecting your records from physical and network-level security threats.

We authenticate users using verified token exchanges (Supabase Auth). Credentials are encrypted and hashed before database storage, protecting accounts from dictionary and brute-force intrusion vectors.

Your invoicing workspace is backed up automatically every 24 hours. Backups are stored in isolated, geographically redundant cloud nodes, allowing point-in-time database restoration in case of service interruptions.

We do not sell, rent, or monetize your client data or invoice records. Your business directory remains completely private to you. Internal staff can only access logs during active, user-permitted support sessions.

We believe you own your data. You can download your entire invoice directory, client lists, and accounting logs in standard JSON or CSV formats at any time. There are no lock-ins or fees to export your history.