Enterprise-Grade Security
Your business data is protected by industry-leading security measures, compliance certifications, and a commitment to privacy.
Security Architecture
Multiple layers of protection ensure your data remains secure and private at all times
End-to-End Encryption
All data transmitted between your browser and our servers is encrypted using TLS 1.3, the latest and most secure encryption protocol.
Isolated Infrastructure
Each component runs in isolated containers on Render and Vercel, with automatic security patches and zero-downtime deployments.
Secure Data Storage
Your data is stored in Supabase with row-level security, automatic backups every 6 hours, and point-in-time recovery.
Advanced Authentication
Multi-factor authentication, secure session management, and OAuth 2.0 integration protect your account from unauthorized access.
Privacy by Design
We follow privacy-first principles, collecting only essential data and giving you full control over your information.
Redundant Architecture
Multi-region deployment across AWS infrastructure ensures 99.9% uptime and protection against regional outages.
Compliance & Certifications
We maintain the highest standards of compliance to protect your business
SOC 2 Type II
Demonstrating security, availability, and confidentiality
75% Complete
ISO 27001
Following international security management standards
100% Complete
GDPR Compliant
Full compliance with EU data protection regulations
100% Complete
CCPA Compliant
California Consumer Privacy Act compliance
100% Complete
Infrastructure Security
Multi-layered security architecture protecting every aspect of your data
Edge Security
DDoS Protection, WAF, SSL/TLS
Application Security
Container Isolation, API Security, MFA
Data Security
Encryption at Rest, Backups, RLS
Security FAQ
Common questions about our security practices
How secure is MyRoofGenius for my business?
MyRoofGenius employs bank-level security measures including 256-bit encryption, secure cloud infrastructure, and continuous security monitoring. Your data is protected by multiple layers of security and stored in SOC 2 compliant data centers.
Where is my data stored?
Your data is securely stored in Supabase cloud infrastructure, which is built on top of AWS. Data is replicated across multiple availability zones for redundancy and backed up every 6 hours with 30-day retention.
Who has access to my data?
Only you and authorized users in your organization have access to your data. Our engineering team can only access data when explicitly authorized by you for support purposes, and all access is logged and audited.
How do you protect against data breaches?
We employ multiple security layers including Web Application Firewall (WAF), DDoS protection, intrusion detection systems, and 24/7 security monitoring. All systems are regularly penetration tested and security audited.
What happens to my data if I cancel?
You own your data. You can export all your data at any time. If you cancel, we retain your data for 90 days to allow for reactivation, after which it is permanently deleted from all systems including backups.
Ready for Enterprise-Grade Security?
Join thousands of roofing professionals who trust MyRoofGenius with their business data