Security
How CuePoint protects your data and our platform.
Effective: April 30, 2026 · Last updated: June 4, 2026
This page summarizes the security practices in place for CuePoint. It is intended for transparency — to help Tenants and their customers understand how their data is protected. It is not a full security audit report.
1. Encryption
In Transit
All communication between your browser and CuePoint is encrypted using HTTPS/TLS. We do not allow unencrypted HTTP connections to the platform.
At Rest
Passwords are stored as one-way bcrypt hashes. We never store plain-text passwords, and no one at CuePoint — including our own team — can read your password.
Database encryption at rest is provided by our hosting infrastructure. We rely on our hosting provider's encryption-at-rest capabilities for all stored data.
2. Multi-Tenant Data Isolation
CuePoint is a multi-tenant platform. Each Tenant's data is logically isolated from every other Tenant's data through:
- Row-level security (RLS) policies at the database level — enforced by PostgreSQL, not just application code.
- Tenant-scoped Prisma middleware — all application database queries automatically include tenant filters.
- Transaction-local tenant context — the active tenant identity is injected into the database session at the start of each request and cleared after.
These three independent layers mean a single misconfiguration is not sufficient to expose one Tenant's data to another.
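The following is an added illustration of how a PostgreSQL row-level security policy and a transaction-local tenant context fit together; it is not CuePoint's own schema or code. The table `orders`, the role `app_user`, the setting name `app.tenant_id` and the sample rows are assumptions constructed for the example.

```sql
-- Hypothetical tenant-owned table (name and columns are assumptions).
CREATE TABLE orders (
    id        bigserial PRIMARY KEY,
    tenant_id uuid          NOT NULL,
    total     numeric(10,2) NOT NULL
);

-- Constructed sample rows for two tenants, loaded before RLS is enabled.
INSERT INTO orders (tenant_id, total) VALUES
    ('11111111-1111-1111-1111-111111111111', 42.00),
    ('22222222-2222-2222-2222-222222222222', 17.50);

-- The application must connect as a role that cannot bypass RLS.
-- Superusers and roles with BYPASSRLS are never subject to policies.
CREATE ROLE app_user LOGIN NOSUPERUSER NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON orders TO app_user;
GRANT USAGE ON SEQUENCE orders_id_seq TO app_user;

-- ENABLE turns policies on; FORCE applies them to the table owner as well.
ALTER TABLE orders ENABLE ROW LEVEL SECURITY;
ALTER TABLE orders FORCE ROW LEVEL SECURITY;

-- current_setting(name, true) yields NULL when the setting was never set and
-- an empty string after a transaction-local value has been discarded.
-- NULLIF maps both cases to NULL, so the comparison is NULL and no row
-- matches: a request with no tenant context fails closed.
CREATE POLICY tenant_isolation ON orders
    USING      (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', true), '')::uuid);

-- Per request, run as app_user: set the tenant inside the transaction.
BEGIN;
-- Third argument true = local to this transaction only.
SELECT set_config('app.tenant_id', '11111111-1111-1111-1111-111111111111', true);

SELECT id, total FROM orders;  -- only the 42.00 row is visible

-- WITH CHECK rejects writes that target another tenant:
-- INSERT INTO orders (tenant_id, total)
--     VALUES ('22222222-2222-2222-2222-222222222222', 1.00);
-- ERROR: new row violates row-level security policy for table "orders"
COMMIT;  -- the setting is discarded here, so a pooled connection
         -- carries no tenant identity into the next request

-- With no tenant context set, app_user sees nothing.
SELECT count(*) FROM orders;   -- 0
```

When checking a deployment of this pattern, confirm the application's database role with `SELECT rolsuper, rolbypassrls FROM pg_roles WHERE rolname = current_user;` since either flag being true disables the policy for that connection.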
3. Access Controls
CuePoint implements role-based access control (RBAC) with four role levels:
- Owner — full access to all tenant features and settings.
- Manager — access to most operations; cannot manage staff or change billing configuration.
- Staff — access to day-to-day table and POS operations only.
- Super Admin — platform-level administration. Super Admins do not access Tenant operational data in the ordinary course of platform operation. They may access Tenant data only where reasonably necessary to provide support you request, to investigate a security or abuse incident, or to comply with law. Any such access is limited to what is necessary, is performed by personnel bound by confidentiality obligations, and is recorded in our audit logs.
Permission checks are enforced server-side on every API procedure. UI restrictions mirror server-side rules but are not treated as a security boundary.
4. Authentication Security
- Login attempts are rate-limited by IP address to protect against brute-force attacks.
- Registration is protected by Cloudflare Turnstile to prevent automated abuse.
- Sessions are stored server-side using signed JWTs with configurable expiry.
- Suspicious sessions can be force-invalidated by platform administrators.
- Invited staff are required to change their temporary password on first login.
5. Backup and Recovery
CuePoint performs automated database backups:
- Daily full backups retained for 7 days.
- Weekly backups retained for 4 weeks.
- Monthly backups retained for 3 months.
Backups are stored in a separate location from the primary database. Recovery procedures are documented and tested periodically. In the event of data loss, backups provide the ability to restore to a recent point in time.
Note: Deletion requests applied to live data may persist in backup archives until those backups expire according to the retention schedule above. See our Privacy Policy for details on backup retention and data deletion.
6. Monitoring and Incident Response
CuePoint logs structured application events including authentication attempts, permission-denied events, and slow or failed API operations. Logs do not include passwords, session tokens, or customer personal data.
In the event of a security incident affecting Tenant data, we will notify affected Tenants without undue delay as described in our Data Processing Addendum.
7. Responsible Disclosure
If you believe you have discovered a security vulnerability in CuePoint, please report it to us before disclosing it publicly. We take security reports seriously and will investigate and respond promptly.
Contact: support@cuepoint.cloud with subject line “Security Disclosure”.
We ask that you:
- Give us reasonable time to investigate and remediate before public disclosure.
- Avoid accessing, modifying, or deleting any data that is not your own.
- Not disrupt or degrade the platform's availability for other users.
We do not currently offer a formal bug bounty program, but we genuinely appreciate responsible security research and will acknowledge your contribution where appropriate.
8. Questions
For security questions not covered here, contact us at support@cuepoint.cloud.