Trust posture · TLS 1.3 · AES-256 · Row-Level Security

Your data is your data.

We secure it the way we'd want our own carrier's data secured. Encryption everywhere, isolation per tenant, audit logging on every privileged action, and zero data resale — ever.

DATA CLASSIFICATION

What we hold. What we never do with it.

CUSTOMER DATA

Fleet records · Driver records · Conversation history

Encrypted at rest (AES-256). TLS 1.3 in transit. Row-Level Security ensures no carrier ever sees another carrier's data — enforced at the Postgres level, not just the application.

SENSITIVE

Drug test results · Medical examiner notes

Field-level encryption for the most sensitive records. Access logged and rate-limited. Retention follows 49 CFR retention rules (typically 3 years rolling).

AI CONVERSATIONS

What you ask Compass

Stored with your tenant for audit defense. Used to improve your Compass experience only. Never sold. Never shared with other carriers. Anthropic doesn't train models on your conversations under their commercial terms.

Eight things we promise.

🔐

TLS 1.3 everywhere

All data in transit. No exceptions.

🔒

AES-256 at rest

Supabase-managed Postgres encryption.

🛡️

Row-Level Security

No carrier sees another carrier's data, enforced at the DB.

📋

Audit log on everything

Every privileged action logged. 7-year retention.

🚫

Zero data resale

Your driver/carrier data is never sold or shared.

⚙️

SOC 2 path

Type II target in Year 2 as Enterprise tier scales.

💼

E&O insured

$2M errors-and-omissions on AI-driven advice.

🔍

Open-source platform

Platform code on GitHub. Inspect every line.

Security questions? We have answers.

Enterprise customers can request a Data Processing Agreement (DPA) at signup. For specific questions, email us.

security@x3fleetsafety.com Start free