Security & Trust

Your delivery data, treated like it matters

Routes, customers, and proof-of-delivery records are the operational heart of your business. Here is exactly how Raute protects them.

Encryption everywhere

All traffic between your browser, the driver apps, and Raute is encrypted with TLS. Data is encrypted at rest (AES-256) on our database infrastructure. There is no unencrypted path to your delivery data.

Per-company tenant isolation

Every row of data — orders, drivers, customers, proof of delivery — is bound to your company and enforced at the database layer with Postgres Row Level Security. One company can never read another company's data, even in the event of an application bug.

Modern authentication

Sign-in is handled by industry-standard JWT-based authentication with bcrypt password hashing, plus Google and Apple SSO. Sessions support multiple devices with token rotation and reuse detection.

Role-based access control

Managers, dispatchers, and drivers each see only what their role needs. Drivers see their own routes — not your customer list. Privileged admin actions are recorded in an append-only audit log with IP and user-agent forensics.

Payments never touch our servers

Subscriptions are processed by Stripe (web) and Apple (App Store) — both PCI-DSS compliant. Raute never stores or transmits your card number.

US cloud infrastructure

Raute runs on Vercel (application) and Supabase (database) on US cloud regions, with automated backups. Public API endpoints are rate-limited to protect the platform from abuse.

Your data is yours

Export your orders and delivery records to CSV at any time. We never sell your data or your customers' data to anyone. If you leave, your data leaves with you.

Responsible disclosure

Found a security issue? Email support@raute.io with the details and we will respond promptly. We appreciate coordinated disclosure and credit researchers who report responsibly.

Related: Privacy Policy · Terms of Service · Data Processing Addendum

Questions about security?

We answer security questionnaires for prospective customers — just ask.

Contact us