Security you can verify, not just trust
We describe the actual mechanisms protecting your shop's data — no vague badges, no borrowed buzzwords. This page says only what the platform really does.
What protects your data
Tenant isolation, enforced by the database
Every shop's data is segregated with forced Postgres row-level security. The isolation lives below the application layer — application code cannot opt out of it.
Role-based access & 2FA
Owners, managers, and drivers each get exactly the permissions their role needs. Owners can enforce two-factor authentication for their whole team.
Full audit trail
Order edits, user changes, and inventory adjustments are logged with who did what and when — reviewable by the shop owner.
Encryption
Data is encrypted in transit (TLS). Storage is encrypted at rest by our hosting infrastructure, with additional application-layer encryption for sensitive credentials and integration secrets.
Your data, exportable
Full data export is part of the base plan. If you leave, your records leave with you — and data received from any connected third-party service is deleted when the integration is disconnected, as described in our Privacy Policy.
Breach notification
If a breach affects personal information, we notify affected parties and integration partners as required by law and by our agreements — the process is described in our Privacy Policy.
Reporting a vulnerability
Found a security issue? Email security@kamui.digital with the details and we'll respond promptly. Please don't access other tenants' data while testing — a proof of concept against your own account is enough.
For how we handle personal information — including our information-security program and breach-notification process — see the Privacy Policy.