1. Security Overview
At TindahanGo, data security is central to our engineering, deployment, and infrastructure operations. We recognize that retail shops, mini groceries, and sari-sari stores trust us with their sales, stock, and credit ledgers. We implement layered, industry-standard security controls to protect your data from unauthorized access, accidental alteration, or leakage.
2. Data Encryption
We secure data both in-transit and at-rest:
- Encryption in Transit: All HTTP network traffic between cashier mobile apps, owner portals, superadmin terminals, and our Fastify backend API is forced over HTTPS/TLS (Transport Layer Security) with secure configuration parameters to block man-in-the-middle (MITM) attacks.
- Password Hashing: We do not store plaintext passwords or cashier security PINs. Credentials are stored only as one-way cryptographic hashes (bcrypt) computed before database insertion, so they cannot be recovered from the database.
- API Session Tokens: Access tokens are signed JSON Web Tokens (JWTs); the signature is verified on every request, so permissions can be checked statelessly.
3. Database Isolation & Tenancy Security
TindahanGo operates as a multi-tenant platform. This means multiple stores share the same cloud database infrastructure, but each store's data is logically isolated:
- All transactional, customer, and cashier records are linked to a unique `companyId` (tenant key).
- Database queries are restricted in the REST API layer by a mandatory company constraint, ensuring cashiers or owners from one company can never query or view records belonging to another company.
- Superadmins can review payment queues but operate under restricted access controls.
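To illustrate the tenant constraint described above, here is an added example (not TindahanGo's own code). It assumes a small in-memory table standing in for PostgreSQL, and a `claims` object standing in for the payload of an already-verified JWT; the contrast is between a lookup that trusts a client-supplied id and one that always binds the tenant key from the token.

```javascript
// Constructed sample rows for two tenants; stands in for a PostgreSQL table.
const sales = [
  { id: 1, companyId: "c-001", total: 250 },
  { id: 2, companyId: "c-001", total: 80 },
  { id: 3, companyId: "c-002", total: 999 },
];

// Unscoped lookup: any caller who guesses an id gets another tenant's record.
function findSaleUnscoped(saleId) {
  return sales.find((s) => s.id === saleId) || null;
}

// Scoped lookup: the tenant key comes from the verified token claims, never
// from the request, and the tenant predicate is part of every query. A cashier
// from c-002 asking for sale 1 simply gets "not found".
function findSaleForTenant(claims, saleId) {
  if (!claims || typeof claims.companyId !== "string") {
    throw new Error("missing tenant claim");
  }
  return (
    sales.find((s) => s.id === saleId && s.companyId === claims.companyId) ||
    null
  );
}

// Same idea as parameterised SQL for PostgreSQL (constructed helper): the
// company predicate is always emitted first and bound as $1; caller-supplied
// filters are bound after it, and a caller may not supply company_id at all.
function tenantScopedSql(table, claims, filters) {
  if (!/^[a-z_]+$/.test(table)) throw new Error("bad table name");
  if (!claims || typeof claims.companyId !== "string") {
    throw new Error("missing tenant claim");
  }
  const params = [claims.companyId];
  const where = ["company_id = $1"];
  for (const [col, val] of Object.entries(filters)) {
    if (!/^[a-z_]+$/.test(col) || col === "company_id") {
      throw new Error(`rejected filter column: ${col}`);
    }
    params.push(val);
    where.push(`${col} = $${params.length}`);
  }
  return { text: `SELECT * FROM ${table} WHERE ${where.join(" AND ")}`, params };
}
```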
4. Backups & Disaster Recovery
We protect against server crashes and hardware failures:
- Automated Daily Backups: System scripts execute full PostgreSQL dumps (schema and data) daily at 2:00 AM. Backup files are compressed, encrypted, and synced offsite.
- Disaster Recovery Plan: We maintain instructions and script routines to reconstruct service instances within hours of database failures, ensuring business continuity for your shop.
5. Monitoring, Logging, & Rate Limiting
We monitor application health continuously:
- Sentry Logging: Application crashes are logged to our Sentry cloud dashboards to capture stack traces, browser types, and device configurations. No raw password inputs are saved.
- IP Rate Limiting: Auth endpoints enforce a rate limit map per IP address to block automated password scanning or cashier PIN brute-force attempts.
- Uptime Monitoring: Third-party status nodes check the `/health` endpoint every five minutes, triggering Slack/email alerts to our engineering team upon outages.
6. Security Incident Response
In the event of a verified database breach or security failure:
- Our security team will immediately isolate compromised server nodes, revoke affected access credentials, and patch the exploited vulnerabilities.
- We will notify affected Store Owners (PICs) via their registered account emails within 24 hours of confirmation, in compliance with DPA Circular 16-03 rules.
7. Responsible Disclosure Policy
We welcome reports from independent security researchers to make TindahanGo safer. If you find a security vulnerability:
- Email the details to **legal@tindahango.ph**.
- Allow our team reasonable time (e.g., 30 days) to resolve the issue before publishing details publicly.
- Do not attempt to access, download, or manipulate other tenants' data during your research.