Trust
Security & data handling.
The infrastructure underneath Rellavo, and how your data moves through it.
Tenant isolation
Each gym is a separate tenant in our database. Every row of member, workout, and payment data is tagged with that gym's id, and Postgres' row-level security filters every query — ours, yours, the AI assistant's — to that tenant before any data is returned.
Payments
Card details go to Stripe, not to us. We store a Stripe customer identifier; we never see, log, or persist a card number.
Encryption
TLS 1.3 in transit. AES-256 at rest, with keys managed by Supabase KMS.
Backups
Daily backups, 30-day retention, point-in-time recovery. Static assets are stored across multiple availability zones.
Your data
Export to CSV or JSON anytime from the dashboard. Account deletion processed within seven days of request. We do not train models on your data and we do not sell it.