Draft document
This is a template and has not been reviewed by legal counsel. Do not rely on this document without professional legal review specific to your jurisdiction and use case.
Overview only — not a SOC 2 report or penetration test summary.
Security
OS Kitchen uses Supabase for authentication and Postgres hosting, encrypted integration secrets at the application layer, and HTTPS for transport. Webhook signatures are verified where providers support them.
Document your incident response contacts, key rotation cadence, and vendor list here after review.