Answer

How does Vexor handle data security?

TLS 1.2+ for all in-transit traffic with HSTS pinned for 1 year. AES-256 encryption at rest (Postgres + file storage). Row-level security on every database table — tenant data cannot cross tenant boundaries at the database layer. Authentication via Supabase Auth (bcrypt password hashing, JWT sessions, httpOnly cookies). Daily database backups with 30-day retention; 7-day point-in-time recovery.

Field worker clock-in uses 4-digit PIN scoped to device — those PINs don't grant access to the office admin app. Audit logging runs on every job (photo uploads, log entries, status changes, approvals).

We don't sell personal data, don't train external AI models on customer data, and disclose every data-processing activity in the privacy policy. GDPR + CCPA compliant.

Related: Full security posture

Start free trial← Browse all answers

Related answers

Is Vexor SOC 2 certified?

Not yet. SOC 2 Type II audit is on the roadmap (typical timeline 12-18 months from start). Vexor's v