How we protect your data.
How The Octane stores, processes and protects your data.
Infrastructure
The Octane runs on Supabase (managed Postgres, Auth, Storage) with row-level security scoping every restaurant's data to its own organization. Data is hosted in a European region.
Authentication
We support email magic links, TOTP two-factor authentication and passkeys. Passwords are never stored in plain text; leaked-password detection blocks common breached credentials.
Data access
Each organization's data is isolated by row-level security policies. No user can read or write another organization's data. Team roles (admin/manager/staff) further restrict which operations each user may perform.
Responsible disclosure
If you discover a security issue please email security@theoctane.ch. We aim to respond within 24 hours and will credit responsible reporters.