Quick Links
1 - Infrastructure Security
Hosted on Vercel (frontend) and Supabase (database) with managed security
Encrypted at rest and in transit
Environment-separated credentials (dev, staging, production)
Automated dependency monitoring
2 - Access Control
Role-based permissions (admin, ops, client, partner)
Scoped portal access per organization
Session-based authentication with secure cookies
Team member access managed by client admins
3 - Data Isolation
Row-level security enforced at the database layer
Each client's data is logically isolated -- no cross-client queries possible
API keys scoped per integration, per client
Separate sending infrastructure per client
4 - Outbound Data Handling
Lead data sourced from licensed providers (Apollo, public records)
Suppression lists honored automatically
Bounced and unsubscribed contacts flagged immediately
Do-not-contact requests processed within 24 hours
6 - Incident Response
Security issues triaged within 24 hours
Affected clients notified directly
Root cause analysis and remediation documented
Post-incident review within 72 hours