Enterprise-Grade Security
Security and privacy controls are configured through your deployment and infrastructure providers.
Security Architecture
Multiple layers of protection ensure your data remains secure and private at all times
Encryption in transit
Traffic between your browser and the application is encrypted in transit using standard TLS.
Isolated Infrastructure
Workloads run on managed infrastructure. Security controls depend on your hosting configuration and deployment choices.
Secure Data Storage
Data is stored in the configured database provider for your deployment. Access controls and policies are applied where supported.
Advanced Authentication
Authentication and session handling are provided by the configured identity provider (for example, Supabase Auth).
Privacy by Design
Privacy-first principles: collect only what is needed for the product, and provide controls to manage your data.
Redundant Architecture
Operational monitoring and health checks help surface issues early. Availability characteristics depend on your deployment.
Infrastructure Security
Multi-layered security architecture protecting every aspect of your data
Edge Security
TLS termination and hosting-provider protections
Application Security
Authentication, authorization, and server-side secrets
Data Security
Database policies and least-privilege access
Security FAQ
Common questions about our security practices
How secure is MyRoofGenius for my business?
MyRoofGenius is designed with standard security best practices in mind (encryption in transit, access controls, and least-privilege). Exact controls depend on your deployment and provider configuration.
Where is my data stored?
Data is stored in the configured database/storage provider for your deployment (often Supabase). Review your environment configuration for the authoritative source of truth.
Who has access to my data?
Access is controlled by your organization’s users and the permissions/policies configured in your deployment. Support access, if any, should be explicitly authorized and scoped to the minimum needed.
How do you protect against data breaches?
Defense-in-depth: authentication, authorization, provider-level protections, and monitoring. Specific controls and guarantees depend on your hosting and database providers.
What happens to my data if I cancel?
You can export your data. Retention and deletion behavior depends on your billing configuration and deployment settings.
Security questions?
Contact support to discuss requirements and request security documentation for your deployment.