Security and data handling

Built around review, ownership, and safer drafting.

VettBase helps organize security questionnaire answers without pretending to be a compliance certification product.

Open workspace Read privacy notes

Important boundaries

VettBase is not legal advice

VettBase is not compliance certification

VettBase does not certify SOC 2 or ISO 27001

Users must review answers before sending

Authentication

VettBase uses Supabase Auth for account access. Email/password authentication is supported, with password reset pages available.

Dedicated log-in and sign-up pages

Forgot-password and update-password flow

Signed-in account status

Manual sign-out controls

User-owned cloud data

Signed-in workspace data is stored in Supabase tables associated with the authenticated user. Row-level security is used so users can access their own VettBase data.

Company profile rows are user-owned

Answer Bank rows are user-owned

Questionnaire history rows are user-owned

Cloud delete controls for signed-in users

Local workspace mode

VettBase can be used in local browser mode without signing in. Local mode keeps data in the browser until the user exports, deletes, or syncs it.

Local-first workspace option

Manual backup export

Manual delete controls

Clear local/cloud mode messaging

AI generation boundaries

AI-generated answers are drafts. VettBase should not invent certifications, policies, vendors, regions, or controls that the user did not provide.

Human review required

Missing-info notes

Sign-in required for AI generation

Rate-limit and usage logging plan