Your data security is non-negotiable.
Built on AWS and Supabase with enterprise-grade infrastructure. Every layer of TryGruff is designed to keep your clients' financial data safe.
Trusted infrastructure
Built on platforms with industry-leading compliance certifications.
AWS
Supabase
SSL / TLS
Security at every layer
From database isolation to AI processing, every component is built with security as a first-class concern.
Data Isolation
Row Level Security on every table. Complete tenant isolation at the database level — no client can ever access another client’s data.
Encryption
AES-256 encryption at rest. TLS 1.2+ for all data in transit. OAuth tokens and sensitive credentials stored encrypted.
Authentication
Supabase Auth with secure session management. OAuth tokens for Xero, Gmail, and Slack are stored server-side only — never exposed to the client.
AI Processing
Google Gemini API with zero data retention. Your documents are never used for AI model training. Processed data stays yours.
Infrastructure
Hosted on AWS Amplify (us-east-1) with Supabase PostgreSQL. Automated daily backups with point-in-time recovery.
Access Control
Two-role system: accountant and client. API-level authorization on every request ensures users only access what they’re permitted to.
Questions about security?
We take data protection seriously. Reach out and we'll walk you through our security practices in detail.
Contact Us