Supabase Privacy and Security

Tadashi Shigeoka ·  Sat, July 6, 2024

I conducted a brief investigation into privacy and security when considering using Supabase, and I’d like to share my findings.

Supabase Privacy

Please see Supabase’s Privacy Policy here.

Also, according to Available regions, US, EU, and JP regions are available:

  • 🇺🇸 West US (North California) us-west-1
  • 🇪🇺 Central EU (Frankfurt) eu-central-1
  • 🇯🇵 Northeast Asia (Tokyo) ap-northeast-1

This means there are sufficient data location options when developing global products from Japan.

Additionally, you can manage your own data using the Open Source version of Supabase.

Supabase Security

SOC 2 Type 2 Compliance

It’s clearly stated that Team plans and above can obtain SOC2 reports.

Supabase is SOC2 Type 2 compliant. This is an important security policy when handling sensitive customer data.

Enterprise and Team customers can access our SOC2 report on the dashboard.

引用元: Security at Supabase

Translation:

Supabase is SOC2 Type 2 compliant. This is an important security policy when handling sensitive customer data.

Enterprise and Team customers can access our SOC2 report on the dashboard.

That’s all from the Gemba, where I investigated Supabase’s privacy and security.

References