Security

Security, compliance, and trust.

BldrOS is built with the security requirements of a financial platform. Every design decision prioritizes data isolation, auditability, and compliance.

Multi-Tenant Data Isolation

Every contractor's data is isolated at the database level using Postgres Row Level Security (RLS). Every table includes an organization identifier, and RLS policies filter every query by the authenticated user's organization membership. Because the filter lives in the database rather than in application code, it applies to every access path alike: the API, the admin interface, and direct database queries. One caveat a reviewer will check: Postgres applies RLS only to roles that neither own the table nor hold the BYPASSRLS attribute (superusers always bypass it), so isolation depends on the application connecting with a role that has neither. Super-admin access, the one path that can see across tenants, is explicitly scoped and audited.

Immutable Audit Trail

Every mutation on every table (INSERT, UPDATE, DELETE) is captured in an append-only audit log. Each entry records the user ID, timestamp, table name, record ID, operation type, and the complete before and after values as JSON. Entries cannot be modified or deleted through the application: the log accepts appends only. As with any database-resident log, that property is enforced against application roles, not against a database superuser, which is one more reason super-admin access is scoped and audited. The log is designed to be legally defensible and available for compliance review at any time.
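The following is an added example, not BldrOS's own code, showing how an append-only audit log of the kind described above is built in Postgres: one generic row-level trigger captures the before and after values as JSON, and a second trigger rejects any UPDATE or DELETE on the log. It assumes audited tables have an id column and that the API places the user's JWT claims in the session setting request.jwt.claims (the setting Supabase's auth.jwt() reads); table, role and function names are illustrative.

```sql
-- Added example (not BldrOS's own code): an append-only audit log populated by
-- one generic row-level trigger. Assumed: audited tables have an "id" column,
-- and the API puts the user's JWT claims in the session setting
-- request.jwt.claims (what Supabase's auth.jwt() reads). Names are illustrative.
create table audit_log (
  id         bigint generated always as identity primary key,
  at         timestamptz not null default now(),
  user_id    uuid,                       -- NULL for jobs that run without a user session
  table_name text not null,
  record_id  text not null,
  op         text not null check (op in ('INSERT', 'UPDATE', 'DELETE')),
  old_row    jsonb,                      -- NULL on INSERT
  new_row    jsonb                       -- NULL on DELETE
);

-- SECURITY DEFINER: the insert runs with the function owner's privileges, so the
-- application role never needs INSERT on audit_log itself.
create or replace function audit_row() returns trigger
language plpgsql security definer set search_path = public as $$
declare
  actor uuid := (nullif(current_setting('request.jwt.claims', true), '')::jsonb ->> 'sub')::uuid;
  rec   jsonb := case when tg_op = 'DELETE' then to_jsonb(old) else to_jsonb(new) end;
begin
  insert into audit_log (user_id, table_name, record_id, op, old_row, new_row)
  values (actor, tg_table_name, rec ->> 'id', tg_op,
          case when tg_op in ('UPDATE', 'DELETE') then to_jsonb(old) end,
          case when tg_op in ('INSERT', 'UPDATE') then to_jsonb(new) end);
  return null;   -- AFTER trigger: the return value is ignored
end $$;

-- Append-only: reject any UPDATE or DELETE on the log, whoever issues it.
create or replace function reject_audit_change() returns trigger
language plpgsql as $$
begin
  raise exception 'audit_log is append-only (% blocked)', tg_op;
end $$;
create trigger audit_log_immutable
  before update or delete on audit_log
  for each row execute function reject_audit_change();

-- The application role may read the log for review but holds no write privilege
-- on it at all. A superuser can still drop the trigger or TRUNCATE the table,
-- which is why no application path should ever run as one.
create role app_user nologin;
grant select on audit_log to app_user;

-- Attach the trigger to a business table.
create table projects (
  id   uuid primary key default gen_random_uuid(),
  name text not null
);
create trigger projects_audit
  after insert or update or delete on projects
  for each row execute function audit_row();

-- Walk-through (constructed data; run in psql on a scratch database).
begin;
select set_config('request.jwt.claims',
                  '{"sub":"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"}', true);
insert into projects (id, name)
  values ('11111111-1111-1111-1111-111111111111', 'Acme roof');
update projects set name = 'Acme roof and gutters'
  where id = '11111111-1111-1111-1111-111111111111';
delete from projects where id = '11111111-1111-1111-1111-111111111111';

select op, user_id, old_row ->> 'name' as before, new_row ->> 'name' as after
from audit_log order by id;
-- INSERT | aaaaaaaa-... | (null)                | Acme roof
-- UPDATE | aaaaaaaa-... | Acme roof             | Acme roof and gutters
-- DELETE | aaaaaaaa-... | Acme roof and gutters | (null)

delete from audit_log;   -- ERROR: audit_log is append-only (DELETE blocked)
rollback;
```

The trigger function is SECURITY DEFINER so that the only way rows enter the log is through the trigger itself; the application role is granted SELECT and nothing else. The one gap such a design cannot close is a superuser or table owner disabling the trigger, which is exactly the access the page says is scoped and audited rather than handed to application code.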

Encryption

All data is encrypted at rest using AES-256 encryption provided by the hosting infrastructure. All data in transit is encrypted using TLS 1.3. Database connections use TLS. API endpoints enforce HTTPS. No data leaves the system in plaintext at any point. Provider-managed encryption at rest protects against loss or theft of storage media; it does not by itself protect data from a caller holding valid credentials, which is why the isolation and access controls above carry that responsibility.

Authentication & Access Control

Authentication is managed through Supabase Auth, supporting email and password, magic links, and single sign-on (SSO). Session tokens are short-lived and refreshed automatically. Role-based access control (RBAC) is enforced at both the application and database levels, so a request that reaches Postgres without passing through the application still meets the same role checks. Roles include owner, GC admin, project manager, and field user, each with explicitly defined permissions.
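The following is an added example, not BldrOS's own schema, covering both the tenant isolation described under Multi-Tenant Data Isolation and the database-level role checks described above. It expresses the organization filter as a permissive RLS policy with USING and WITH CHECK clauses, then layers a RESTRICTIVE policy on top so that only owner and GC admin roles may delete. It assumes the API forwards the user's JWT claims in the session setting request.jwt.claims (what Supabase's auth.jwt() reads); table, column and role names are illustrative.

```sql
-- Added example (not BldrOS's own schema): tenant isolation and role checks
-- expressed as Postgres RLS policies. Assumed: the API forwards the user's JWT
-- claims in the session setting request.jwt.claims, which is what Supabase's
-- auth.jwt() reads; table and role names are illustrative.
create table organizations (
  id   uuid primary key default gen_random_uuid(),
  name text not null
);

create table memberships (
  user_id uuid not null,
  org_id  uuid not null references organizations(id),
  role    text not null
          check (role in ('owner', 'gc_admin', 'project_manager', 'field_user')),
  primary key (user_id, org_id)
);

create table projects (
  id     uuid primary key default gen_random_uuid(),
  org_id uuid not null references organizations(id),
  name   text not null
);

-- The caller's user id, taken from the JWT "sub" claim. Returns NULL when no
-- claims are set, so an unauthenticated session matches no rows at all.
create or replace function current_user_id() returns uuid
language sql stable as $$
  select (nullif(current_setting('request.jwt.claims', true), '')::jsonb ->> 'sub')::uuid
$$;

-- A user may read only their own membership rows; that is all the policies
-- below need, and it keeps other tenants' member lists invisible.
alter table memberships enable row level security;
alter table memberships force row level security;
create policy memberships_self on memberships
  for select using (user_id = current_user_id());

-- Tenant isolation: USING filters reads, updates and deletes; WITH CHECK stops
-- a user from inserting or moving a row into an organization they do not belong to.
alter table projects enable row level security;
alter table projects force row level security;   -- also binds the table owner
create policy projects_tenant_isolation on projects
  for all
  using      (org_id in (select org_id from memberships where user_id = current_user_id()))
  with check (org_id in (select org_id from memberships where user_id = current_user_id()));

-- Role-based restriction layered on top. RESTRICTIVE policies are ANDed with
-- the permissive one above, so a field_user inside the right organization
-- still cannot delete.
create policy projects_delete_admins_only on projects
  as restrictive for delete
  using (exists (select 1 from memberships
                 where user_id = current_user_id()
                   and org_id  = projects.org_id
                   and role in ('owner', 'gc_admin')));

-- The role the application connects as: no ownership, no BYPASSRLS, so RLS applies.
create role app_user nologin;
grant select on memberships to app_user;
grant select, insert, update, delete on projects to app_user;

-- Walk-through (run as a superuser in a scratch database; constructed data).
begin;
insert into organizations (id, name) values
  ('11111111-1111-1111-1111-111111111111', 'Acme Builders'),
  ('22222222-2222-2222-2222-222222222222', 'Beta Contracting');
insert into memberships values
  ('aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa', '11111111-1111-1111-1111-111111111111', 'field_user');
insert into projects (org_id, name) values
  ('11111111-1111-1111-1111-111111111111', 'Acme roof'),
  ('22222222-2222-2222-2222-222222222222', 'Beta garage');

set local role app_user;
select set_config('request.jwt.claims',
                  '{"sub":"aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa"}', true);
select name from projects;                 -- Acme roof (Beta garage is filtered out, not denied)
delete from projects;                      -- DELETE 0: field_user lacks the delete role
insert into projects (org_id, name)
  values ('22222222-2222-2222-2222-222222222222', 'smuggled');
  -- ERROR: new row violates row-level security policy for table "projects"
rollback;
```

Two points worth noticing in the walk-through: a cross-tenant read is silently empty rather than an error, which is what makes RLS safe to combine with generic list endpoints, and the WITH CHECK clause is what blocks the smuggled insert; a policy written with USING alone would let a user write rows into another organization. In Supabase, the service_role key connects as a role that bypasses RLS, so it is the equivalent of the super-admin path and belongs only in server-side code, never in the browser.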

Payment Security

All payment processing is handled by Stripe Connect (Standard accounts). BldrOS never stores credit card numbers, bank account details, or any sensitive financial data. Stripe is PCI DSS Level 1 compliant — the highest level of certification in the payment industry. KYC verification, chargeback management, dispute resolution, and 1099-K tax reporting are all managed by Stripe directly.

No Fund Custody

BldrOS operates as a platform, not a payment processor. Customer funds flow directly from the payer to the contractor's Stripe account. BldrOS collects a transparent platform fee via Stripe's application_fee_amount parameter. At no point does BldrOS hold, pool, or have custody of contractor or customer funds.

Compliance Readiness

The BldrOS architecture is designed to satisfy the controls a SOC 2 Type II audit examines: logical access controls, audit logging, encryption at rest and in transit, incident response procedures, and change management processes. Readiness means those controls are in place; a Type II report additionally attests that they operated effectively over an audit period. GDPR-aware data handling is implemented, including data minimization and the ability to process deletion (right-to-erasure) requests.

Infrastructure

BldrOS is hosted on Supabase (Postgres database, authentication, edge functions, and storage) and Vercel (frontend hosting and serverless functions). Both providers operate US-based data centers with 99.9% uptime SLAs. Infrastructure is managed, monitored, and patched by the respective providers. No self-hosted servers are used in the production architecture.