Security

1. Infrastructure & Hosting

Gauge is hosted on secure, modern cloud infrastructure.

• Cloud Providers: Our application utilizes AWS (Amazon Web Services) and Vercel, which maintain industry-leading physical and network security standards.
• Database Security: Your data is stored in an isolated database environment managed by Supabase.
• Network Protection: We utilize Cloudflare to help protect our systems against external threats and ensure site availability.

2. Data Encryption

We use standard encryption protocols to protect data.

• Encryption in Transit: Data transmitted between your browser, the Jobber API, and our servers is encrypted using TLS (Transport Layer Security).
• Encryption at Rest: Sensitive data stored in our databases is encrypted using AES-256 (Advanced Encryption Standard).

3. Jobber Integration (OAuth 2.0)

We connect to your Jobber account using the official OAuth 2.0 protocol.

• No Password Storage: We never see or store your Jobber login credentials. You log in directly through Jobber, and they issue us a temporary access token.
• Revoke Anytime: You retain control. You can revoke Gauge's access to your data at any time from your Jobber settings, which stops our access to your account.
• Limited Access: We request access only to the data scopes necessary to perform the audit and analytics functions.

4. Payment Security

We do not store your credit card information on our servers.

All payments are processed by Stripe, a certified PCI Service Provider.

5. Reliability & Backups

• Backups: We perform automated daily backups of our database to help prevent data loss.
• Monitoring: Our systems are monitored to ensure the application remains available and performant.

6. Responsible Disclosure

We value the contributions of the security community. If you believe you have found a security vulnerability in Gauge, please report it to us at support@gaugebi.com. We will review your report and work to address confirmed issues.