Your data security is our top priority. Here's how we protect your commission data.
Your commission data is stored in a PostgreSQL database (Neon). Data is isolated per organization and only accessible to authenticated users.
Application hosted on Vercel. Traffic is served over HTTPS and routed through Vercel's managed infrastructure.
Data is stored in a managed PostgreSQL database. Access is controlled by authentication and database credentials.
Traffic between your browser and the application is encrypted over HTTPS. Database connections use encrypted transport (SSL/TLS).
If you have data residency requirements, contact us and we'll confirm what's possible with the current hosting setup.
Authentication is handled by Clerk (clerk.com).
Passwords are handled by Clerk. We do not store your passwords in our application database.
Account security features (such as 2FA) are provided through Clerk where available for your account.
Granular permissions ensure users only see data relevant to their role. Sales reps see only their commissions, admins see everything.
Automatic session expiration after 30 days of inactivity. Sessions are invalidated on password change or logout.
Our database is managed by a hosted provider. Provider-level backup/restore capabilities depend on the environment configuration.
We do not currently provide in-app automatic backups. You can manually export reports and export your data from Settings for your own retention.
Retention depends on your infrastructure/provider configuration. For your own retention policy, keep exports you download from the app.
In the event of an outage, we rely on our hosting providers and incident response process to restore service as quickly as possible.
Export your complete data anytime in JSON or CSV format from Settings. You maintain full ownership and portability of your data. We never lock you in.
All sensitive API endpoints require authentication. Requests are validated server-side and scoped to your organization.
We use Prisma ORM for database access (parameterized queries) and keep dependencies maintained.
Clerk authentication protects access. Input validation is enforced on API endpoints and organization scoping is applied to data access.
Complete audit trail of all actions. Every calculation, approval, and change is logged with timestamp and user information.
You own your data. We never sell, share, or use your data for any purpose other than providing the service.
Request complete deletion of your data at any time. We will permanently delete all your data within 30 days of request.
Transparent privacy policy outlining exactly what data we collect and how it's used. No hidden data collection.
Vercel provides automated monitoring of application uptime and performance. Neon monitors database health and performance. Application logs all errors and security events.
Dependency vulnerability monitoring via npm audit. Regular security updates applied. Prompt patching of identified vulnerabilities in dependencies.
In the event of a security incident, affected customers will be notified as soon as possible. Contact security@avanticommissions.app to report security issues.
Regular dependency updates. Security patches applied promptly. Customers notified of any security-relevant changes via email.
Only essential personnel have access to production systems. All access is logged and monitored.
Our team NEVER accesses your commission data unless explicitly requested for support purposes with your written permission.
Support access requires your explicit approval. All support sessions are logged and can be reviewed.
We're happy to answer any security questions you have. For enterprise customers, we can provide: