Uniiq Operations

Trust Centre

Uniiq Operations

Home Trust Centre Contact
All documents

Documents

Core

  • Terms
  • Privacy
  • Disclaimer

Compliance

  • Acceptable Use
  • Cookies
  • AI Policy
  • Responsible AI

Trust & security

  • Security

Security overview

Security practices for Uniiq Operations

Last updated 24 May 2026


On this page

🛡

Overview

Uniiq Operations is built for multi-tenant operations: authenticated access, organisation and site context on API requests, and role-based permissions.

No system is perfectly secure — please report concerns promptly via Contact.

🔒

Platform controls

Encryption in transit

Web and API traffic uses TLS when the service is served over HTTPS (standard in production).

  • HTTPS in production for web and API endpoints

Encryption at rest

Database and object storage rely on our infrastructure providers’ encryption; we do not operate a separate customer-managed keys (BYOK) model in the pilot product.

Access control

Role-based access control (RBAC) with permissions checked on the server for operational modules (people, projects, roster, dispatch, billing, and related areas), combined with site scope where your membership defines it.

Tenant and site context

Authenticated API handlers resolve your active organisation and permitted sites before reading or writing tenant data.

  • Direct database access from browsers is blocked
  • Application APIs use a controlled server path

Authentication

Session-based sign-in (Supabase Auth) with secure cookie settings in production deployments.

Audit logging (partial)

Selected administrative and billing-sensitive actions (for example account authority and platform billing administration) are recorded in audit tables where that logging is implemented.

  • A full customer-visible audit trail for every change is not offered in the current product
👤

Your responsibilities

  • Use strong, unique passwords and limit operational access to people who need it.
  • Remove or deactivate access for departed staff promptly.
  • Do not share credentials or secrets in support messages or chat.
  • Review AI-assisted and operational outputs before relying on them in the field or with customers.
  • Keep your organisation’s role assignments and site scope accurate as your workforce changes.
△

Incident response

If you suspect unauthorised access or a data incident affecting your organisation, contact us as soon as practical via Contact.

Include relevant timestamps, affected users, and what you observed. We will investigate and coordinate remediation with you as appropriate.

This is an operational commitment, not an SLA-backed security service unless separately agreed in writing.

📄

Related documents

  • Privacy notice
  • Acceptable use policy
  • Responsible AI principles

For enterprise data-processing terms, contact us via Contact.

Questions? Contact us

On this page

© 2026 Uniiq Operations

Operated by RIPPLE ELECTRICAL SERVICES PTY LTD (ACN 627 966 689)

Terms·Privacy·Disclaimer·Acceptable Use·Cookies·AI Policy·Responsible AI·Security·Contact