Skip to content

Security

We take security seriously. Here’s how we protect your data.

Authentication

We use Clerk for sign-in and sign-up. Passwords are not stored by Fieldwright; Clerk handles credential storage and secure session management, including optional two-factor authentication.

Database and hosting

Your data is stored in Supabase (PostgreSQL). Our app runs on Vercel. Both providers use encryption in transit (TLS) and at rest. We don’t store credit card numbers; when we enable billing, Stripe will handle payments.

Access control

We use row-level security (RLS) in the database so each company only sees its own jobs, clients, quotes, and invoices. Server-side checks ensure every request is scoped to the authenticated user’s company.

Reporting vulnerabilities

If you discover a security issue, please report it responsibly. Contact us at our contact page and we’ll respond promptly. We ask that you don’t disclose the issue publicly until we’ve had a chance to address it.