Back to SafarOS

Trust

Security at SafarOS

SafarOS is designed for sensitive group-travel operations, including traveller contact information, passports, documents, payments, and booking records. Security is built into the product architecture rather than added as a presentation layer.

Tenant isolation

Each agency workspace is isolated by agency ID. PostgreSQL row-level security policies and tenant-safe relationship checks prevent agency users from reading or writing another agency's operational records.

Authentication and access

SafarOS uses Supabase Auth for authenticated sessions. Role-based access controls distinguish owners, admins, agents, viewers, travellers, and tour leaders, with server-side checks and database policies enforcing access.

Private traveller documents

Traveller documents are stored in private storage. Access is evaluated through authenticated agency membership and scoped storage paths; permanent public document URLs are not used for sensitive files.

Least-privilege operations

Ordinary product workflows use the authenticated user's database access. Service-role credentials are restricted to server-only administrative workflows and are never exposed to browsers.

Operational resilience

SafarOS uses managed infrastructure for its database, authentication, and storage. Backup and recovery procedures are part of operational controls and are reviewed as the service grows.

Security reporting

If you believe you have identified a security issue, contact us privately with enough detail to reproduce it. Please do not include traveller documents, passwords, or other sensitive data in an email.

Responsible disclosure

Send security reports to support@safar-os.com with the subject line “Security report”. We will acknowledge and investigate reports in good faith.