Multi-tenant isolation at the database level, encryption and least-privilege access — security is part of the architecture, not an add-on.
Row-Level Security on every table — one company can never read another's data, enforced at the database, not just in code.
All traffic over TLS; data and files encrypted at rest by the managed infrastructure.
Documents, scans and recordings are served via short-lived signed URLs — never public links.
Every server function verifies the user (JWT) and company membership; client-supplied IDs are never trusted.
API keys live only in server secrets; cron endpoints are protected; access is scoped to what each role needs.
Managed PostgreSQL with backups, hardened auth triggers and a GDPR-aligned data approach.