Skip to main content

Governance Model

  • Multi-tenant isolation with Auth0 Orgs and Supabase RLS
  • Encryption at rest and in-flight
  • Backups with tested restore procedures

Retention and Lifecycle

  • Policy-based retention windows
  • Soft-delete with purge windows
  • Export formats: JSON/CSV bundles on request

Access Controls

  • Scoped tokens
  • Admin-only read across tenants via break-glass, audited
See also: Compliance, Security.