Security and Trust

Built for pooled multi-tenant restaurant operations.

This page summarizes the controls we use to protect restaurant operators, staff, and customers across storefront, admin, POS, KDS, payments, wallet, and platform surfaces.

Tenant Isolation

Each restaurant runs on the same platform codebase, but business data is tenant-scoped. Requests resolve a restaurant before data access, application queries include tenant context, and database row-level security adds a second isolation layer.

Payments

Card payments are handled by Stripe. The platform does not store full card numbers, CVV values, magnetic stripe data, or raw payment method details. Restaurants connect payment processing through controlled Stripe flows.

Backups and Recovery

Production database backups are encrypted before off-site storage. Restore drills are practiced against scratch databases first, and tenant-specific recovery is reviewed so one restaurant's data is not replayed into another tenant.

Monitoring

The platform monitors application health, platform errors, uptime, TLS certificates, system resources, cron jobs, email health, and backup freshness. Security-relevant denials are audit logged for investigation.

Access Controls

Restaurant admin access, staff access, platform operator access, and API tokens are separated. High-risk platform actions require explicit capabilities, audit logs, and additional confirmations where appropriate.

Data Ownership

Restaurants own their restaurant data, menu data, customer relationships, order history, loyalty records, and operational settings. The platform processes that data to provide ordering, POS, reporting, loyalty, and support workflows.

Report a Security Concern

If you believe you found a vulnerability or data exposure, email [email protected]. Include the affected URL, tenant or restaurant name if known, timestamps, and a safe description of what you observed. Do not include passwords, private keys, full card data, or unrelated customer information.

We review reports in good faith and prioritize issues involving tenant isolation, payment handling, authentication, authorization, secrets, and customer data exposure.