Every architectural decision at FactoryOS prioritises data security and residency. Here is exactly how we protect your business data.
All customer data is stored in Supabase's Mumbai data center (ap-south-1). Your data never leaves India.
PostgreSQL Row Level Security ensures every query is scoped to your account. No other tenant can see your data, even in a breach.
We never store payment card details. Razorpay and Stripe handle all payment processing with PCI-DSS Level 1 compliance.
No passwords to steal. Every login requires a one-time passcode sent to your email. No passwords are stored anywhere.
All traffic is encrypted with TLS. SSL certificates are auto-provisioned and renewed. HSTS enabled sitewide.
All outbound email sends via AWS SES from ap-south-1 with SPF, DKIM, and DMARC configured on factoryos.co.
| Component | Provider | Region | Notes |
|---|---|---|---|
| Database | Supabase (PostgreSQL) | Mumbai, India | Row-level security, daily backups |
| App hosting | Vercel (Next.js) | Edge CDN - Global | Under 2s load time worldwide |
| Email delivery | AWS SES | Mumbai, India | SPF, DKIM, DMARC verified |
| Authentication | Supabase Auth | Mumbai, India | OTP-only, JWT sessions |
| Payments (INR) | Razorpay | India | PCI-DSS Level 1 |
| Payments (USD) | Stripe | Global | PCI-DSS Level 1 |
| AI (on-demand) | Anthropic Claude | US (only on explicit use) | No training on your data |