ScooteeScootee

Security & Compliance

Enterprise-grade multi-tenancy with 50+ RLS policies

Every organization operates in fully isolated data silos. Row-level security on all 28 database tables, role-based access control, complete audit trails, and enterprise authentication — built for global compliance requirements.

28Secured database tables

Capabilities

01

Multi-tenant data isolation

Every query scoped to organization_id. No cross-tenant data leakage — verified through row-level security on all 28 tables.

02

Role-based access control

Four roles — employee, sales_manager, director, admin — with granular permissions. Employees see own data; admins manage everything.

03

Complete audit trails

approval_history with IP address, user agent, and timestamps. Every approval, rejection, and status change permanently recorded.

04

Enterprise authentication

Supabase Auth with email/password, OTP, and JWT tokens. Session management and secure API access for mobile and web.

Technical architecture

  • 50+ RLS policies across 28 PostgreSQL tables via Supabase
  • API input validation with Zod schemas on all endpoints
  • Database constraints and expense limit validation at submission
  • Organization-scoped storage for receipts and documents
  • Configurable data retention policies per enterprise agreement

Business outcomes

  • Meet SOC 2 and GDPR data isolation requirements
  • Provide auditors with complete decision trails
  • Protect sensitive financial and location data per tenant
  • Enable enterprise procurement security reviews
Contact Us Related guides

FAQ

Security & Compliance questions

Scootee uses PostgreSQL row-level security on all 28 tables, scoped by organization_id. Every API query and database operation is tenant-isolated — no organization can access another's data.

Four default roles: employee (own data), sales_manager (team data), director (organization-wide view), and admin (full management). Permissions are enforced at the database level via RLS policies.

Contact Us

Ready to transform field operations?

Tell us about your global field workforce. We will show you how Scootee delivers GPS intelligence, verified mileage, AI document extraction, and enterprise-grade expense operations.

Contact Us