Security

Protecting your business data is a first-class concern at SailRight Technologies. This page summarises our current security practices.

Encryption

All traffic to RightSutra is served over HTTPS (TLS 1.2+). Data at rest is encrypted on our database and backup storage. Sensitive fields like auth tokens are additionally hashed.

Authentication

We support email + password, Google OAuth, magic links, and biometric login on mobile. Access tokens expire after 15 minutes; refresh tokens rotate on use.

Tenant isolation

Every database row carries a tenantId. Our API enforces row-level filtering on every read and blocks cross-tenant writes at the framework level.

Payments

Card and UPI payments are processed by Razorpay. We never see or store your payment instrument details.

Responsible disclosure

Found a security issue? Email security@sailrighttech.com. We do not have a public bug bounty yet but acknowledge every valid report.

Last updated: June 2026. For questions, email legal@sailrighttech.com.