Trust & Security

All connections to the app, API, and live streams are encrypted in transit using TLS 1.2+. Cloud-backed recordings, clips, and timelapse exports are encrypted at rest in object storage.

Camera credentials and ingest API keys are stored hashed or access-controlled at the database row level — never exposed to other tenants.

RoosterOS staff cannot view your trailer cameras or recordings by default. When you need help, you flip the Give RoosterOS Access switch in Settings → Security & Privacy.

Access is limited to troubleshooting, automatically expires after 24 hours, and every session is recorded in your audit log. You can revoke it at any time.

Two-factor authentication is required for all admin accounts by default, with the option for org admins to enforce it for every team member. Passwords are checked against the Have-I-Been-Pwned database at signup.

Tenant data is isolated by Row-Level Security in the database — a user in one organization cannot read or write another organization's trailers, cameras, alerts, or recordings.

Card numbers and bank details never touch RoosterOS servers. All billing is handled by Stripe, a PCI-DSS Level 1 service provider. We only store the Stripe customer ID and subscription metadata.

Sales tax, invoices, and dunning are managed through Stripe Tax and Stripe Billing.

The application runs on Cloudflare's edge network. The database and object storage are managed by Supabase, with daily encrypted backups and point-in-time recovery available on paid tiers.

We monitor uptime, error rates, and ingest latency continuously and alert on regressions.

RoosterOS maintains commercial insurance appropriate for a connected-hardware SaaS, including Errors & Omissions / Tech Professional Liability, Cyber Liability with breach-response coverage, and General Liability. Certificates of insurance are available on request for enterprise customers under NDA.