Data & Infrastructure

Built on secure, scalable cloud infrastructure

Venduris is designed on modern cloud architecture with security, isolation, and reliability built into every layer — from database design to edge compute and network protection.

Hosting & Architecture

Venduris runs on Supabase Cloud infrastructure (built on AWS) with a managed PostgreSQL database.

• Serverless backend powered by 40+ edge functions (Deno runtime)

• Low-latency processing via global edge deployment

• Frontend delivered through a global CDN with automatic HTTPS

This architecture ensures performance, scalability, and high availability across regions.

Data Storage

All customer data is stored in secure, managed systems with strict isolation controls.

• Primary database: PostgreSQL with enforced row-level security (RLS)

• Document storage: Secure object storage (S3-backed via Supabase Storage)

• File integrity: All uploaded files are hashed using SHA-256 for tamper detection

Every request is scoped to the authenticated user’s organization.

Encryption

Data is protected both in transit and at rest using industry-standard encryption.

• In transit: TLS 1.2+ (HTTPS enforced with HSTS)

• At rest: AES-256 encryption (database and storage)

• Secrets protection: Sensitive tokens are hashed and never stored in plain form

Multi-Tenant Isolation

Venduris enforces strict data separation at the database level.

• Row-level security ensures all queries are scoped by company

• No shared data access across tenants

• Authorization enforced via secure database functions

• Storage paths are isolated per user and workspace

This design prevents cross-tenant data access by construction.

Data Retention & Lifecycle

Data is retained and managed according to clear lifecycle rules:

• Audit logs retained for 12 months

• Privileged admin logs retained for 24 months

• Usage event data retained for 90 days

• Expired access tokens automatically removed

• Contract and record history preserved as an immutable system of record

Data Portability & User Rights

Venduris supports modern data protection requirements:

• Full data export available on request

• Structured data deletion workflows with validation and approval

• Audit logs are anonymized (not deleted) to preserve integrity

• Versioned consent management with granular controls

Backup & Availability

The platform is designed for resilience and continuity:

• Automated daily backups with point-in-time recovery

• Continuous system health monitoring

• Storage and database availability checks

• Session resilience with automatic revalidation

API & Network Security

All platform interactions are protected by strict network controls:

• Security headers enforced on all responses

• Rate limiting on sensitive endpoints

• JWT-based authentication across API endpoints

• Origin-restricted CORS policies

These measures reduce attack surface and protect against misuse.

Infrastructure Summary

• Data at rest: PostgreSQL on AWS infrastructure (AES-256 encrypted)

• File storage: S3-backed object storage (encrypted at rest)

• Data in transit: TLS 1.2+ with HTTPS enforcement (HSTS)

• Compute layer: Serverless edge functions (global deployment)

• Frontend delivery: CDN-based global distribution

Questions?

For more details about our infrastructure and data handling practices:

security @ venduris.com