Security

How TruckMates handles data today — accurate, not marketing certifications we don't hold.

Infrastructure (Supabase)

Application data is stored in Supabase— managed PostgreSQL, authentication, and storage. Connection to the app uses HTTPS. Supabase provides encryption at rest and in transit as described in their documentation; we don't run our own data centers or claim independent SOC 2 / ISO audits for TruckMates as a separate product.

Access & authentication

Sign-in is handled through Supabase Auth (email/password and supported providers you enable).
Sessions use secure cookies in the browser as implemented by the framework and Supabase client.
Role-based access in the app limits what each user can see and do (fleet vs driver, etc.).

Row-level security (RLS)

Database access is designed around PostgreSQL row-level security so tenant and user data are separated according to the policies we ship with the product. This is application-enforced data isolation, not a substitute for your own legal or compliance review.

What we don't claim

TruckMates does notadvertise SOC 2 Type II, ISO 27001 certification, a public bug bounty, 24/7 dedicated security operations center, or penetration-test reports specific to this product unless we publish them explicitly. If you need formal attestations for procurement, contact us with your requirements and we'll be honest about what exists today.