Skip to content

Security at Guidewinds

Your data security is our priority. Here's how we protect your business and your customers.

Encryption in Transit

All data transmitted between your browser and our servers is encrypted using TLS 1.3. We enforce HTTPS on all connections and use HSTS to prevent downgrade attacks.

Encryption at Rest

Your data is stored in Supabase PostgreSQL databases with AES-256 encryption at rest. Backups are also encrypted.

Payment Security

We never store credit card numbers. All payment processing is handled by Stripe, a PCI-DSS Level 1 certified payment processor—the highest level of certification.

Daily Backups

Your data is backed up daily with 7-day retention. In case of any issues, we can restore your data quickly.

Access Controls

Role-based permissions ensure team members only see what they need. All admin actions are logged for accountability.

Data Portability

Your data belongs to you. Export everything—bookings, customers, services—anytime from your dashboard.

Infrastructure

Hosting

Vercel Edge Network with automatic failover and DDoS protection.

Database

Supabase PostgreSQL with automatic backups and point-in-time recovery.

Payments

Stripe Connect handles all payment data. PCI-DSS Level 1 certified.

Email

Resend for transactional email with SPF, DKIM, and DMARC authentication.

Compliance & Policies

Security Questions?

If you have questions about our security practices or want to report a vulnerability:

security@guidewinds.com