Your relationships are sacred. We treat your data the same way.

PracticeOS handles sensitive relationship data: your contacts, your communication patterns, your client engagements. Here's exactly how we protect it.

Database-Enforced Isolation

Every piece of data in PracticeOS is isolated to your account using Row-Level Security (RLS) at the PostgreSQL database layer. This isn't application-level filtering that could have bugs. It's a database-enforced wall. Every query is automatically scoped to your user ID. User A literally cannot access User B's data, even if something goes wrong at the application layer.

Row-Level Security on every table

Zero Password Storage

Authentication is handled by Clerk, an enterprise-grade identity provider. We use OAuth through Google and Microsoft. We never see, store, or process your password. Sessions use short-lived JWT tokens with automatic refresh. Your email and calendar OAuth tokens are stored exclusively in Clerk's secure infrastructure, never in our database. We request fresh, short-lived access for each operation.

OAuth 2.0 via Clerk

AI That Respects Boundaries

Your data is never shared between users in AI prompts. Every AI call is scoped to your account only. Personally identifiable information (Social Security numbers, credit card numbers, phone numbers, financial figures) is automatically scrubbed before any AI processing. Email bodies are not stored in our database. We store AI-generated drafts that you approve, not the original emails. Your voice profile is built from your communication patterns and used only for your drafts. No cross-user training. No data sharing.

Automatic PII scrubbing

Nothing Sends Without You

Every outbound action passes through six verification gates:

  1. 1.Feature flag check: is this action type enabled for your account?
  2. 2.Autonomy level check: has your usage earned this trust level?
  3. 3.Explicit approval: did you approve this specific action?
  4. 4.Checksum verification: does the content match exactly what you approved?
  5. 5.Rate limiting: within safe thresholds?
  6. 6.Immutable audit log: recorded permanently

Nothing leaves your account without your explicit approval.

Six-gate safety system

Encryption at Every Layer

All data encrypted in transit via HTTPS/TLS on every connection. Database encrypted at rest through Supabase's infrastructure encryption. Sensitive fields (integration tokens) encrypted with AES-256-GCM, the same standard used by financial institutions, with a unique initialization vector per field.

AES-256-GCM encryption

Complete Audit Trail

Every action in your account is logged to an immutable audit trail: emails sent, contacts updated, drafts approved, settings changed. These logs cannot be modified or deleted. You can export your complete data at any time. Soft-deleted data is retained for 90 days before permanent removal.

Immutable audit logging

Built-in Abuse Protection

Email sends5 per minute
AI operations10 per minute
General API60 per minute
Voice profile generation3 per day

Security Roadmap

  • SOC2 Type II certification (foundational architecture is compliant-ready)
  • GDPR Data Processing Agreement
  • Third-party penetration testing
  • Self-serve audit log viewer

Questions about security?

We're happy to walk through our security architecture in detail.

Get in touch