Trust

Security at NotifyCurbside

Field sales data is sensitive. Here's how we protect it from the first recording to the last sync.

Encryption

TLS 1.2+ in transit. AES-256 at rest for all stored data, including audio and transcripts.

Access control

Row-level security on every table. Least-privilege roles for engineers. SSO and MFA available for organizations.

Data isolation

Each customer's data is scoped by tenant identifiers and enforced at the database layer, not just the app.

Monitoring

Centralized logging, anomaly alerts, and audit trails on authentication and data access.

Compliance

SOC 2 Type II in progress. GDPR-aligned data handling. DPA available on request.

Report a vulnerability

We welcome responsible disclosure. Email contact@notifycurbside.com with details and steps to reproduce. We aim to acknowledge within one business day.