Security
Last Updated: February 1, 2026
Our Security Commitment
Your restaurant data is critical to your business. We treat it with the same care you would. RestaurantSaaS is built with security at its core, not as an afterthought.
Infrastructure Security
Encryption in Transit
All data transmitted between your browser and our servers is encrypted using TLS 1.3, the latest version of the TLS protocol.
Encryption at Rest
All data stored in our databases is encrypted using AES-256. Backups are also encrypted.
Cloud Infrastructure
We host on enterprise-grade cloud infrastructure with SOC 2 Type II certification, ensuring physical and network security.
Automated Backups
Daily automated backups with point-in-time recovery. Backups are stored in geographically separate locations.
Application Security
Authentication
Secure authentication powered by Clerk, supporting multi-factor authentication (MFA), SSO, and passwordless login options.
Role-Based Access Control
Granular permissions ensure users only access what they need. Admins control who can view, edit, or manage different areas.
Input Validation
All user inputs are validated and sanitized to prevent SQL injection, XSS, and other common attacks.
Audit Logging
Comprehensive audit logs track all significant actions, providing accountability and forensic capability.
Payment Security
PCI Compliance
We never store credit card numbers. All payment processing is handled by Stripe, a PCI-DSS Level 1 certified provider.
Secure Transactions
Payment data is transmitted directly to Stripe using their secure SDK, never passing through our servers.
Operational Security
Employee Access
Access to production systems is strictly limited to authorized personnel. All access requires MFA and is logged.
Security Monitoring
24/7 monitoring for suspicious activity, with automated alerts for potential security incidents.
Security Testing
Regular vulnerability assessments and penetration testing by third-party security experts.
Incident Response
Documented incident response procedures ensure rapid and effective handling of any security events.
Data Protection
Data Residency
Data is stored in secure data centers in the United States. Enterprise customers can discuss specific data residency requirements.
Data Deletion
When you delete data or close your account, it's permanently removed from our systems within 30 days.
Data Portability
Export your data at any time in standard formats. Your data belongs to you.
Compliance
Responsible Disclosure
We value the security research community. If you discover a security vulnerability, please report it responsibly to security@restaurantsaas.com.
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Your contact information
We commit to acknowledging reports within 48 hours and keeping you updated on remediation progress.
Questions?
For security-related questions or concerns, contact our security team:
Email: security@restaurantsaas.com