Security

Built for tenant trust.

Security is a first-class part of the data model, not a compliance afterthought. Here’s what we do today, what’s on the roadmap, and how to reach our security team.

We treat your candidate database, call recordings, and pipeline data as the most sensitive parts of the system. The controls below are live in production for our pilot cohort.

Controls in place today

Tenant isolation

Row-level security (RLS) is enforced on every table at the Postgres layer. A tenant cannot read another tenant’s candidates, calls, or pipeline. Isolation is enforced at the database, not just the UI.

Encryption in transit + at rest

TLS 1.2+ on every connection. AES-256 at rest in Supabase storage. Object URLs are signed and short-lived for transcripts and recordings.

Auth + RBAC

JWT-based auth with five role types (owner, manager, recruiter, sourcer, viewer). Every API route is scope-checked; column-level permissions are enforced in the RLS policy.

Audit trail

Every stage move, transcript, call, billing transaction, and admin action lands in the events table — timestamped, queryable, immutable for the customer.

Sub-processors

Plivo (VOIP), Deepgram (ASR), Gemini (inference), Razorpay (billing), Supabase (database). All under DPA; SCCs where applicable. Listed publicly in our privacy policy.

Backups + recovery

Daily encrypted backups with a 30-day retention window. Restore drills tested monthly. RPO 24h, RTO 4h on the founders’ runbook.

Roadmap

  • SOC 2 Type II — controls aligned today; formal audit window scheduled for Q4 2026.
  • SSO + SAML — Google and Microsoft, with SCIM provisioning on Enterprise. Targeting Q3 2026.
  • MFA on admin actions — TOTP and backup codes for owner / manager roles. Targeting Q3 2026.
  • Bug bounty — private programme opens with the SOC 2 audit kickoff.

Report a vulnerability.

Found something concerning? Email security@inferowl.com. We respond within one business day and credit responsible disclosures on this page.