Your data protection is our priority. Here's how we keep your documents safe.
All data is encrypted at rest using AES-256 via our infrastructure provider (Supabase/AWS). All connections use TLS/HTTPS for encryption in transit: API endpoints, frontend, and file storage are fully encrypted.
All data is stored in US West (Oregon). The database runs on Supabase managed Postgres (AWS). Uploaded PDFs are stored in Supabase Storage (AWS S3). The frontend is served via the Vercel CDN.
JWT-based authentication with in-function verification on every endpoint. Row-level security (RLS) enforced at the database level on every table. Role-based access control with super_admin, team_admin, and user roles. Invitation-based team onboarding with token expiry.
CORS restricted to authorized domains only. Rate limiting on all sensitive endpoints. Security headers on every response (HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy). Cloudflare Turnstile CAPTCHA on public forms.
Every sensitive operation is logged with who, what, when, and from where — including document uploads, deletions, team changes, and subscription events. Structured logging via Axiom for real-time monitoring and alerting.
Our infrastructure and practices are designed with SOC 2 readiness in mind. Codebooqs handles operational documents such as equipment manuals and code books — no protected health information is stored or processed.
Have security questions? Contact us at support@codebooqs.com