Your scheduling data is sensitive. Here is how we protect it — with transparency about what we do today and where we are headed.
All data is stored in a PostgreSQL database managed by Supabase. Data at rest is encrypted using AES-256 via the underlying cloud infrastructure. All data in transit is encrypted with TLS 1.2 or higher.
Application logs may contain operational identifiers such as email addresses for debugging purposes. Logs do not contain passwords, API keys, or raw authentication tokens. Sensitive tokens used in public booking links are stored as SHA-256 hashes, not in plaintext.
Users authenticate via OAuth 2.0 through Google or Microsoft. Queuel.io does not store passwords. Session tokens are managed by NextAuth.js with server-side validation.
Access is role-based: superadmin (system-level, configured via environment variables), organization admin, and member. All scheduling data is scoped to the user's active organization — cross-organization data access is not possible through the application.
Public-facing pages (candidate booking links, availability forms) use hashed tokens for access. These tokens are time-limited and single-use where applicable.
At rest: AES-256 encryption provided by the database hosting infrastructure (Supabase / AWS).
In transit: TLS 1.2+ enforced on all connections. HSTS headers are set with a two-year max-age, including subdomains.
Token security: Public-facing tokens (booking links, availability links, opt-out links) are hashed with SHA-256 and a server-side pepper before storage. Raw tokens are never persisted.
Structured application logging with correlation IDs enables tracing of requests across services. Error tracking is handled by Sentry, which captures unhandled exceptions with full stack traces and request context.
An internal operations dashboard provides visibility into system health: webhook processing status, sync job queues, reconciliation results, and scheduling request pipeline metrics.
Audit logs record scheduling actions (bookings, cancellations, rescheduling, ATS writebacks) with timestamps, actor information, and outcome details.
Sentry alerts notify the engineering team of unhandled errors in real time. An internal operator runbook documents severity classifications, common failure modes, and resolution procedures.
The system is designed for graceful degradation: if an external service (calendar API, ATS) is unavailable, jobs are queued and retried automatically with exponential backoff. A reconciliation engine detects and repairs drift between Queuel.io records and external systems.
Queuel.io is not currently SOC 2 certified. Our architecture follows security best practices aligned with SOC 2 trust service criteria, including encrypted data storage, role-based access controls, audit logging, and monitoring.
We are evaluating formal SOC 2 Type II certification as our customer base grows. If compliance certification is a requirement for your organization, please reach out and we will share our current controls documentation.
Current controls summary:
Questions about our security practices? Contact us