Trust
Security at Beespo
A ward’s workspace holds confidential things — callings under consideration, family circumstances, private meeting notes. This page explains, in plain language, how that information is protected. Everything here describes how the product works today, not a roadmap.
Last updated: July 2, 2026
Workspace isolation
Every Beespo workspace is isolated at the database layer using PostgreSQL row-level security. Access rules are enforced by the database itself on every query — not just by application code — so one ward’s data is structurally invisible to every other ward. There is no shared pool of data that a bug in a page could accidentally leak across workspaces.
Access inside a workspace
Within a workspace, access follows roles: owner, admin, editor, commenter, and viewer. Beyond roles, two protections exist for the most sensitive content:
- Leadership meetings are shared explicitly. Each meeting series has its own access list, granted person by person. Membership in the workspace does not grant access to the bishopric’s agenda or minutes.
- Private notes are private. Notes marked private in a meeting document are filtered by the database’s own access rules — no other workspace member can read them in any view, export, or share.
Authentication
Sign-in supports email and password (with mandatory email confirmation) and Google sign-in. Sessions are managed by Supabase Auth with short-lived, automatically refreshed tokens. Signup to the platform itself is invite-only.
Encryption and infrastructure
All traffic is encrypted in transit with TLS, and data is encrypted at rest. Beespo runs on Supabase (PostgreSQL, hosted on AWS) and Vercel. Transactional email is sent through Resend from an authenticated domain (SPF, DKIM, and DMARC are enforced), so mail claiming to be from Beespo actually is.
Data handling commitments
- We never sell your data, share it with third parties for their own use, or use it to train AI models.
- Your ward’s data belongs to your ward. If you leave, you can request deletion of your workspace and we will honor it.
- Access by Beespo staff is limited to what operating the service requires — support and incident response — never browsing.
Monitoring and status
The platform is continuously monitored for errors, and abusive traffic is rate-limited. When something is wrong, we say so: active incidents are surfaced inside the app and as a live status indicator in the footer of this site.
Reporting a vulnerability
If you believe you’ve found a security issue, please tell us at security@beespo.com — we read every report and will respond promptly. Please give us a reasonable window to fix an issue before disclosing it publicly.
What we don't claim
Beespo is a young product, and we’d rather be plain about where we are: we have not yet completed a formal third-party audit such as SOC 2. We onboard wards one at a time partly for this reason — it keeps the blast radius of any problem small while the platform matures. As the product grows, this page will grow with it.