We built LodgeDesk with security at the core — not as an afterthought. Every hotel's data is completely isolated, encrypted and protected.
Every hotel on LodgeDesk operates in a completely isolated data environment. We use PostgreSQL Row Level Security (RLS) on every single table in our database — 27 tables in total. This means it is technically impossible for one hotel to access another hotel's guests, reservations, invoices or any other data. Not even a database administrator can query across tenants without explicit super admin credentials.
All data transmitted between your browser and LodgeDesk is encrypted using TLS. Our infrastructure is served through Cloudflare, which provides additional DDoS protection, WAF (Web Application Firewall) and SSL termination. Your passwords are never stored in plain text — they are hashed with bcrypt by Supabase's built-in authentication.
Every new hotel account must verify their email address before gaining access to LodgeDesk. We send a branded 6-digit code to the email provided during signup. The code expires in 10 minutes and can only be used once. This ensures every account is linked to a real, accessible email address.
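The verification-code rules described above (6 digits, 10-minute expiry, single use), as an added example that is not LodgeDesk's own code. The class and method names, the in-memory store and the five-guess limit are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets
import time

CODE_DIGITS = 6             # from the page: 6-digit code
CODE_TTL_SECONDS = 10 * 60  # from the page: expires in 10 minutes
MAX_ATTEMPTS = 5            # assumption: the page states no guess limit


class EmailCodeStore:
    """In-memory store (assumption); a real service would persist this."""

    def __init__(self, clock=time.time):
        self._clock = clock   # injectable so expiry can be tested
        self._pending = {}    # email -> [salt, code_hash, expires_at, attempts_left]

    @staticmethod
    def _digest(salt, code):
        return hashlib.sha256(salt + code.encode()).digest()

    def issue(self, email):
        """Create a fresh code, replacing any earlier one for this address."""
        # secrets uses the OS CSPRNG; zero-pad so "004217" stays six digits.
        code = f"{secrets.randbelow(10 ** CODE_DIGITS):0{CODE_DIGITS}d}"
        salt = secrets.token_bytes(16)
        expires_at = self._clock() + CODE_TTL_SECONDS
        self._pending[email.lower()] = [salt, self._digest(salt, code), expires_at, MAX_ATTEMPTS]
        return code  # goes out by email; only the salted hash is kept

    def verify(self, email, submitted):
        """Return True exactly once for the correct, unexpired code."""
        key = email.lower()
        entry = self._pending.get(key)
        if entry is None:
            return False
        salt, code_hash, expires_at, attempts_left = entry
        if self._clock() >= expires_at or attempts_left <= 0:
            del self._pending[key]          # expired or exhausted: discard
            return False
        entry[3] = attempts_left - 1        # count the guess before comparing
        # Constant-time comparison avoids leaking how much of the hash matched.
        if not hmac.compare_digest(code_hash, self._digest(salt, submitted)):
            return False
        del self._pending[key]              # single use: consume on success
        return True
```

The guess limit matters because a 6-digit code has only one million possible values; without a cap, the 10-minute window alone does not stop online guessing.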
Every significant action taken within LodgeDesk is logged to an audit trail — who did what, when, and on which record. This includes reservation changes, guest updates, invoice modifications, settings changes and super admin impersonation sessions. Audit logs are immutable and scoped per tenant.
LodgeDesk runs on a dedicated Ubuntu Server behind a Cloudflare Tunnel — meaning no ports are directly exposed to the internet. Access to the server requires SSH key authentication. UFW firewall and Fail2ban are configured to block unauthorised access attempts. Regular backups are maintained.
Not everyone on your team needs access to everything. LodgeDesk's role-based permissions system ensures staff members only see what they need. Admins have full access, managers can access most features, and staff are limited to front desk operations. Access is enforced at both the UI and database level.
We are happy to answer any questions about how we protect your data.