Saferad.io

Data Security

1. Current Status

User data for SafeRad.io is stored on Supabase (managed PostgreSQL), with Supabase Auth providing sign‑in and session management. The information below outlines our current safeguards.

2. Platform Foundations

  • Managed PostgreSQL with Row Level Security (RLS) and policy-based access controls to keep tenant data isolated.
  • Encryption by default: HTTPS/TLS for data in transit and encryption at rest within Supabase’s managed environment.
  • Supabase Auth for identity, with securely hashed passwords and session management.
  • Automated backups and point‑in‑time recovery capabilities managed by Supabase.
  • Independent security attestations from Supabase (e.g. SOC 2 Type II). See Supabase’s published security posture for details.

This foundation gives SafeRad a modern, compliance‑ready baseline we can extend for enterprise requirements when needed.

3. Third-Party Services

We keep our vendor list small so it’s easy to understand how data moves around the platform:

  • Supabase – managed PostgreSQL, authentication, file storage, and automated backups.
  • Web3Forms – handles the marketing site contact/demo forms so messages land in our inbox quickly.
  • Email service providers – used to send transactional updates and support replies.

Before we plug in a new service we review its security posture and document what data it touches so there are no surprises later on.

For enterprise customers who require formal attestations (SOC 2, SOC 3, ISO 27001, GDPR, etc.), we plan to onboard automation tooling such as Vanta to streamline compliance programs.

4. Contact

We're a small, hands-on team and every note goes straight to us. If you have a security question, need to chat through enterprise requirements, or just want to understand our roadmap, get in touch and we'll respond promptly. SAFERADIO PTY LTD (ABN 97 692 443 735) is the operator of SafeRad.io.