
Security

How we keep your customer data safe.

Ochre handles support conversations, customer PII, and optional AI provider keys. Here is exactly how that data is stored, who can see it, and what we have not built yet.

What we do

Controls that are live today.

Encryption at rest

Supabase-managed Postgres encrypts storage volumes and snapshots with AES-256. This is provider-managed encryption of disks and backups; it does not limit what an authenticated database connection can read, which is what the row-level policies below are for.

Encryption in transit

TLS 1.3 everywhere. The apex domain is on the HSTS preload list, which requires includeSubDomains, so browsers refuse plaintext HTTP to every subdomain as well.

Postgres RLS

Every tenant-scoped table carries an org_id column, and Postgres row-level security policies reject reads whose org_id does not match the requesting organization. The check is enforced by the database itself, so a query that forgets its WHERE clause cannot return another tenant's rows.

BYOK secret encryption

Customer-supplied provider keys are encrypted server-side before storage, handled only by server-side code, and never sent to client JavaScript.

Signed webhooks

Inbound webhook payloads from Stripe, GitHub, Linear, HubSpot, Slack, and Resend are signature-verified before any handler logic runs.

Security hardening

Per-response CSP nonces, SSRF guards on server-side outbound requests, replay protection on signed callbacks, and ongoing review of the RLS policies are part of the operating rhythm.
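What an SSRF guard on outbound requests looks like, as an added example written for this page (not Ochre's implementation): the URL is parsed with the WHATWG parser, which canonicalises IPv4 tricks such as `0x7f.1` and `2130706433` to dotted quads, the scheme and embedded credentials are checked, and any IP literal is tested against a block list of loopback, link-local (including the 169.254.169.254 cloud metadata address), private and unspecified ranges using Node's net.BlockList. Hostnames that are not IP literals pass this stage and must be checked again after DNS resolution via checkResolvedAddress. The function names and the sample URLs are constructed.

```typescript
import { isIP, BlockList } from "node:net";

// Ranges an outbound fetch made on a customer's behalf must never reach.
const blocked = new BlockList();
blocked.addSubnet("0.0.0.0", 8, "ipv4");       // "this" network
blocked.addSubnet("10.0.0.0", 8, "ipv4");      // RFC 1918
blocked.addSubnet("100.64.0.0", 10, "ipv4");   // shared address space (CGNAT)
blocked.addSubnet("127.0.0.0", 8, "ipv4");     // loopback
blocked.addSubnet("169.254.0.0", 16, "ipv4");  // link-local, incl. cloud metadata endpoints
blocked.addSubnet("172.16.0.0", 12, "ipv4");   // RFC 1918
blocked.addSubnet("192.168.0.0", 16, "ipv4");  // RFC 1918
blocked.addSubnet("::", 128, "ipv6");          // unspecified
blocked.addSubnet("::1", 128, "ipv6");         // loopback
blocked.addSubnet("fc00::", 7, "ipv6");        // unique local
blocked.addSubnet("fe80::", 10, "ipv6");       // link-local

type Verdict = { allowed: true; host: string } | { allowed: false; reason: string };

// IPv4-mapped IPv6 ("::ffff:7f00:1" as the URL parser serialises it, or "::ffff:127.0.0.1")
// is unwrapped so the v4 rules apply to it.
function unmapIPv4(address: string): string {
  const dotted = /^::ffff:(\d{1,3}(?:\.\d{1,3}){3})$/i.exec(address);
  if (dotted) return dotted[1];
  const hex = /^::ffff:([0-9a-f]{1,4}):([0-9a-f]{1,4})$/i.exec(address);
  if (!hex) return address;
  const hi = parseInt(hex[1], 16);
  const lo = parseInt(hex[2], 16);
  return `${hi >> 8}.${hi & 255}.${lo >> 8}.${lo & 255}`;
}

// Run this on every address DNS returns, and again on every redirect hop.
function checkResolvedAddress(rawAddress: string): Verdict {
  const address = unmapIPv4(rawAddress);
  const version = isIP(address);
  if (version === 0) return { allowed: false, reason: `not an IP literal: ${rawAddress}` };
  const type: "ipv4" | "ipv6" = version === 4 ? "ipv4" : "ipv6";
  if (blocked.check(address, type)) return { allowed: false, reason: `blocked range: ${address}` };
  return { allowed: true, host: address };
}

function checkOutboundUrl(input: string): Verdict {
  let url: URL;
  try {
    url = new URL(input);
  } catch {
    return { allowed: false, reason: "unparseable URL" };
  }
  if (url.protocol !== "https:" && url.protocol !== "http:") {
    return { allowed: false, reason: `scheme ${url.protocol} not allowed` };
  }
  if (url.username || url.password) return { allowed: false, reason: "credentials in URL" };

  // Strip the brackets the parser keeps around IPv6 literals.
  const host = url.hostname.startsWith("[") && url.hostname.endsWith("]")
    ? url.hostname.slice(1, -1)
    : url.hostname;
  if (host === "localhost" || host.endsWith(".localhost")) {
    return { allowed: false, reason: "localhost" };
  }
  if (isIP(host) !== 0) return checkResolvedAddress(host);
  // A plain hostname passes the literal check; its resolved addresses still need checkResolvedAddress.
  return { allowed: true, host };
}
```

The literal check alone is not enough: a hostname can resolve to 127.0.0.1 or change its answer between the check and the connect (DNS rebinding), so the resolved address should be checked and then pinned for the actual connection (for example through a custom lookup on the HTTP agent), and a redirect to a new host has to go through the same gate.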

What is not ready yet

SOC 2

Not started. We will publish audit status when it begins.

HIPAA / BAA

Not in scope for v1. Ochre is not the right system for PHI yet.

FedRAMP

Out of scope for the current product.

Self-hosting

Not offered. Ochre is a managed product.

Subprocessors

Vercel: application hosting and edge. Region: global edge network, primary US.

Supabase: Postgres, Auth, Storage. Region: AWS us-east-2.

Anthropic: LLM inference using the customer's own key. Data location: customer-keyed; requests go to the provider under the customer's own account.

OpenAI: LLM inference using the customer's own key. Data location: customer-keyed; requests go to the provider under the customer's own account.

Resend: transactional and outbound email. Region: US.

Stripe: subscription billing. Region: US / global.

Need a security review?

Send the questionnaire or book a rollout call. We will be direct about current controls and gaps.
