Row-level data access
Client data is isolated with Supabase Row Level Security so each client can only access its own records.
SynaNoteAI combines authenticated access, row-level data isolation, audit logging, rate limiting, and protected session handling so automotive service organizations can review the security controls that are currently implemented for client data and service usage.
The current implementation includes client-data isolation, controlled service access, protected transport, and operational logging. Internal admin safeguards are listed here only where they support those protections rather than describe client-facing product capabilities.
Super-admin access is protected with enforced multi-factor authentication and session controls for privileged actions.
Administrative actions are recorded with timestamps, IP address, user agent, and change details for accountability.
Tool access and account session state are issued server-side through HttpOnly cookies rather than browser storage.
Public and authenticated APIs are rate-limited, and internal readiness checks are separated from privileged operations.
Admin access can be restricted with IP allowlisting, and transport to the app and its processors is encrypted in transit.
Additional public details about implemented safeguards and data handling are available in the Privacy Policy and the public contact path.