Security & Trust

Your packaging costs and supplier data are sensitive. We treat your data with the same care you do.

TLS 1.3 encrypted · SOC 2 infrastructure · GDPR compliant · AES-256 at rest · Row-level security

Data encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256. Your pricing data and supplier relationships are never exposed.

Authentication

Sign in with email and password or with Google OAuth. Passwords are hashed with bcrypt via Supabase Auth — we never store them in plain text. Sessions are managed with secure tokens that expire automatically.

Infrastructure

PackPricer runs on Supabase (PostgreSQL) and Netlify — both SOC 2 Type II certified infrastructure providers with 99.9% uptime SLAs.

Row-level security

Every database query is scoped to the authenticated user with Supabase Row Level Security (RLS). No user can access another user's data — enforced at the database layer.

Code & security reviews

We conduct regular security reviews and encourage responsible disclosure. Our codebase is reviewed for OWASP Top 10 vulnerabilities before each major release.

Responsible disclosure

Found a vulnerability? Email info@packpricer.com with details. We commit to acknowledging reports within 48 hours and resolving critical issues within 7 days.

Privacy commitments

  • We never sell your data to third parties.
  • Your pricing data is used only to provide benchmarks — never shared with suppliers or other users.
  • You can export or delete all your data at any time from your account settings.
  • We use anonymized, aggregated data to improve benchmark accuracy — no PII is included.
  • We comply with GDPR and CCPA. EU customers can request data deletion via info@packpricer.com.

Security questions or reports

Contact our security team directly at any time.

info@packpricer.com