Data Handling & Security Statement

1. Data Storage

• All data is stored in Supabase PostgreSQL.
• Backups are automatically maintained for disaster recovery.

2. Data Isolation

• Row Level Security ensures each store accesses only its own data.
• Employees can only access tasks assigned to their store.

3. Encryption

• All data in transit uses HTTPS/TLS
• Passwords hashed using industry-standard algorithms

4. Access Control

• Role-based permissions: Owner, Manager, Shopper
• Admin access limited to onboarding and verification tasks

5. Audit Logs

We maintain logs of:

• Login attempts
• Password reset events
• Business application activity
• Task status changes