Security

Your data is not our product. It's our responsibility.

We run on enterprise infrastructure, encrypt everything, back up daily, and give your team complete control over who sees what.

Encryption

Your data is encrypted at rest and in transit.

All data stored in Bridgeway is encrypted at rest using AES-256. All data in transit is encrypted using TLS 1.2 or higher. This applies to your lead data, buyer data, documents, and all internal communications between our services.

Infrastructure

Enterprise-grade cloud infrastructure.

Bridgeway runs on Supabase (built on AWS), one of the most trusted database infrastructure providers. We use managed services with automatic patching, redundancy, and failover. Our file storage (for construction photos and documents) uses Cloudflare R2 with automatic replication.

Backups

Daily backups. 30-day retention.

Your data is backed up automatically every day. Backups are retained for 30 days and stored in a separate geographic location from the primary database. In the event of data loss or corruption, we can restore to any point within the last 30 days.

Access control

Role-based access with complete audit trails.

Every team member in your Bridgeway account has a defined role — builder owner, sales manager, salesperson, or viewer. Access to data is scoped to the role. We log every action that modifies data, so you can always see who did what and when.

Authentication

Secure authentication powered by Clerk.

We use Clerk for authentication — the same infrastructure used by thousands of production SaaS companies. Passwords are never stored in plain text. We support multi-factor authentication and enforce secure session management.

Data isolation

Your data is completely isolated from other builders.

Every Bridgeway account is isolated at the database level. There is no shared data pool between builders. Your leads, buyers, and projects are invisible to every other account on the platform, and our own team can only access your data to resolve a support issue you've explicitly raised.

WhatsApp security

Messages delivered via the official WhatsApp Business API.

All WhatsApp messages sent through Bridgeway are delivered via the official Meta WhatsApp Business API. Messages are end-to-end encrypted in transit by WhatsApp. We do not store message content beyond what's visible in the platform's activity log.

Vulnerability management

Regular security reviews and dependency updates.

We review our dependencies for known vulnerabilities weekly and apply security patches promptly. We conduct security reviews of our codebase at each major release.

Found a security issue?

Please report it to us on WhatsApp at +91 97300 23756. We respond to all security reports within 24 hours.