Built on the same audited infrastructure and security primitives that large-scale SaaS relies on.
Lawnager runs on enterprise-grade platforms (Vercel, Supabase, Stripe) and uses the same security primitives (TLS, AES-256, row-level isolation, signed webhooks) that protect Fortune 500 software. Here is exactly how your data is protected, and where the boundaries of each control are.
Encryption everywhere
All data in transit uses TLS 1.2+. All data at rest is encrypted at the database and storage layer using AES-256. Note what that layer does and does not cover: volume-level encryption protects stored media (disks, snapshots, backups) from being read outside the platform; it does not hide data from a request that the application has already authorized. Protection on that path comes from authentication and tenant isolation, described below.
Authentication that works
Supabase Auth handles password hashing (bcrypt), session management, and Google OAuth sign-in. No passwords stored in plaintext, ever.
Tenant isolation
Row-Level Security policies in Postgres ensure your business data is never visible to another Lawnager customer, even if an application query is missing a tenant filter: policies are evaluated by the database for every row, not by the query author. One caveat applies to any Supabase deployment: RLS is enforced for requests made as the signed-in user's role and is bypassed by the service-role key, so server-side code that uses that key must scope its queries to the tenant explicitly.
Hardened infrastructure
Hosted on Vercel (SOC 2 Type II) with database on Supabase (SOC 2 Type II). Both vendors are audited annually by independent third parties.
Webhook signature verification
Inbound webhooks from Stripe and Twilio are cryptographically verified before they're processed. Stripe signs each delivery with an HMAC-SHA256 over a timestamp and the raw request body (the Stripe-Signature header); Twilio signs with an HMAC-SHA1 over the request URL and parameters (the X-Twilio-Signature header). A request whose signature does not verify, or whose timestamp is stale, is rejected before any handler runs.
TCPA-compliant SMS
Two-path consent capture (customer-side checkbox + pro attestation), STOP keyword handling, opt-out enforcement at the send layer, and signed inbound webhooks. Built to A2P 10DLC requirements.
How payment data is handled
Lawnager never stores raw credit card numbers, CVCs, or full card data. All payment processing runs through Stripe — a PCI DSS Level 1 certified payment processor.
When a customer pays an invoice through their portal, the card details are sent directly from their browser to Stripe via Stripe Elements. Lawnager only sees the resulting token and the success/failure result.
Each lawn care business connects their own Stripe account, which means card data never crosses Lawnager's platform — funds settle directly to the operator's Stripe account, not ours.
Data residency & retention
Customer data is stored in Supabase databases located in US-East (Virginia). Vercel edge servers cache static assets globally for performance, but no customer business data is cached or stored at the edge.
When you delete a customer, quote, or invoice from your account, the row is soft-deleted with a 30-day recovery window before being permanently removed. Backups are retained for 30 days after that.
When you cancel your account, all business data is deleted within 90 days unless you export it first. Closed accounts are flagged immediately so that no further data can be written to them.
Who can see your data
Inside your business: only members of your team that you've explicitly invited. Each team member's role (owner, manager, crew) determines what they can view and edit.
Lawnager staff: only the small subset that needs access to debug a specific support issue you raised, and only with your permission. We do not browse customer data for any other reason.
Third parties: data is shared only with sub-processors that perform a specific function (Stripe for payments, Twilio for SMS, Resend for email, Anthropic for AI features). Each sub-processor is bound by data-processing agreements. We do not sell data to advertisers or aggregators, ever.
Mobile information & SMS specifically
Mobile phone numbers — both yours and your customers' — are not shared with third parties or affiliates for marketing or promotional purposes. SMS is delivered through Twilio, which is bound by carrier-mandated content rules and our data-processing agreement.
Customers who reply STOP to any SMS are immediately opted out at both the platform level (sms_opt_out flag) and the carrier level (Twilio Advanced Opt-Out). The opt-out is permanent — if a customer is later re-imported by mistake, sends are blocked at the API.
Inbound STOP webhooks from Twilio are verified using the HMAC-SHA1 signature in the X-Twilio-Signature header before any opt-out is recorded, preventing forged opt-out events from spoofed sources. The signature covers the full public URL of the webhook (including its query string) plus the POST parameters, so the URL used for verification must be the one Twilio was configured with, not a rewritten internal URL seen behind a proxy.
Operational security
Production access requires multi-factor authentication. Database queries are logged and monitored for anomalous patterns. Code changes require pull-request review and automated tests before deploy.
All vendor credentials (Stripe keys, Twilio tokens, Supabase service-role keys) are stored as encrypted environment variables in Vercel and are never committed to source control. Per-business Stripe keys live in our database, encrypted per row at rest.
Sentry error tracking captures unhandled exceptions across the platform so we catch incidents within minutes rather than waiting for customer reports.
What we do not yet have
We're being upfront about what we haven't earned yet. Lawnager does not yet have its own SOC 2 Type II report; we rely on the SOC 2 reports of our infrastructure vendors (Vercel, Supabase, Stripe), which cover the hosting and database layers but not Lawnager's own application controls. For most lawn care operators this is more than sufficient. If your customers require a SOC 2 report directly from us, contact us; we're tracking the timeline.
We do not currently publish a public uptime SLA. Realtime status and incident reports go to all customers via email. If 99.95% uptime is a contractual requirement for your business, contact our team about an Enterprise agreement.
We do not currently offer SSO/SAML beyond Google OAuth. Adding Microsoft and Okta SSO is on the roadmap; if it's a blocker for your team, let us know.
Compliance & certifications at a glance
TLS 1.2+ for all traffic
AES-256 encryption at rest
Vercel SOC 2 Type II (host)
Supabase SOC 2 Type II (database)
Stripe PCI DSS Level 1 (payments)
Twilio carrier-compliant (SMS)
TCPA-compliant SMS consent capture
GDPR / CCPA data subject rights honored
A2P 10DLC registered (US SMS)
Row-level security enforced at DB
Have a security question?
Need a sub-processor list, vendor questionnaire response, or to report a vulnerability? Email security@lawnager.com and we'll respond within one business day.