Encryption
TLS 1.2+ in transit and AES‑256 at rest. Secrets stored in a managed key service.
Security
Your data, protected by default
We follow modern security practices and keep raising the bar.
Least‑privilege access
Role‑based permissions; production access is limited and auditable.
Backups
Automated encrypted backups with periodic restore drills.
OAuth scopes
We only request the minimum Square scopes required to detect openings and book replacements.
Data retention
You control your data. We retain only what’s needed for operation and billing.
Logging & audit
Key events are logged (openings, notifications, replacements) to aid reconciliation.
Reliability
Queue‑based processing with retries and backoff; webhook failures surfaced for quick fixes.
Incident response
Documented procedures and customer notification according to our policy.
Questions or reports
Found a security issue or have a question? Reach out and select the “Security” topic.
Privacy & FAQ
See how we handle data and answer common questions.