We use Supabase Auth for authentication, which leverages the Postgres' built-in Auth functionality. Supabase is a SOC2 type 2 compliant.
We enforce the PostgresSQL’s Row Level Security (RLS) which controls access to data in a database by row, so that users are only able to access the data they are authorized for
We support encrypted at REST with AES-256 and in transit via TLS.
Sensitive information like access tokens and keys are encrypted at the application level before they are stored in the database.
who has access to customer data