Skip to content
SMBRegsEarly Access
Risk ScoreToolsHow It WorksPricingLog InFree Compliance Check →
Trust center

Security practices for compliance-critical workflows.

SMBRegs treats business compliance data as operationally sensitive. This page explains the current safeguards, provider-backed controls, and disclosure channels in plain language.

Security overview

Operational safeguards

Encrypted transport
Managed database
Auth middleware
CI audits

SMBRegs is a compliance research and tracking product, not a law firm or formal certification authority. Verify high-stakes requirements with official sources and advisors.

Security posture

Practical controls, clearly stated.

Hosted operations

Infrastructure security

  • ✓Hosted on Vercel's edge network with automatic DDoS protection and global CDN
  • ✓Database powered by Supabase-managed PostgreSQL infrastructure
  • ✓Encryption in transit and provider-managed encryption at rest
  • ✓Backup and recovery workflows supported by managed infrastructure

Customer isolation

Data protection

  • ✓Role-based access patterns with principle-of-least-privilege design
  • ✓Audit logging for key application events and account activity
  • ✓Customer data separation across authenticated account contexts
  • ✓Operational review before using results for high-stakes decisions

Identity layer

Authentication security

  • ✓Powered by Supabase Auth with industry-standard protocols
  • ✓Password and OAuth login support through managed auth providers
  • ✓Session management designed around secure cookies and middleware checks
  • ✓Checkout and account-intent preservation through authenticated flows

Ongoing care

Compliance posture

  • ✓Provider-level controls and advertised certifications where applicable
  • ✓Dependency audits in the CI verification pipeline
  • ✓Security review language that avoids overstating legal guarantees
  • ✓Responsible disclosure routing for vulnerability reports

Responsible disclosure

Report a security concern.

If you believe you have found a vulnerability in SMBRegs, share details through the security inbox so we can review and triage responsibly.

security@smbregs.com
SMBRegs

Small business compliance made simpler. Know what to review, track your progress, and verify what matters.

Product

  • Features
  • Pricing
  • Compliance Quiz
  • Regulation Browser
  • AI Compliance Chat

Resources

  • Blog
  • Compliance Guides
  • Compliance Glossary
  • Compare Alternatives
  • About Us
  • Contact

Free Tools

  • Compliance Checker
  • ROI Calculator
  • Registered Agent Finder
  • SBA.gov Resources ↗
  • IRS Business Center ↗

Legal

  • Privacy Policy
  • Do Not Sell My Personal Information
  • Your California Privacy Rights
  • Terms of Service
  • Security
  • Cookie Policy
  • Accessibility
  • Changelog
  • Status

Your Privacy Rights

You have the right to know what personal data we collect, request its deletion, opt out of data sales or sharing, and exercise these rights without discrimination. We process data based on legitimate interest and consent as the legal basis for processing. To submit a privacy request, email privacy@smbregs.com.

Data Protection Officer

For GDPR inquiries or data protection concerns, contact our DPO at dpo@smbregs.com. Spoon Seller LLC · Newport News, VA

Disclaimer: SMBRegs provides informational content about business regulations and compliance requirements. This information does not constitute legal, tax, or professional advice. Regulations change frequently; always verify requirements directly with the relevant government agency. Consult qualified professionals for specific compliance questions.

© 2026 Spoon Seller LLC. All rights reserved.

Made with care for small businesses everywhere.