Your trading data
is sensitive.
We treat it that way.
Trade P&L, strategy details, psychological notes — this is private data about your financial life. Repyrus is built from the ground up with security as a first-class requirement, not an afterthought.
Encrypted at every layer
Your data is encrypted in transit using TLS 1.3 — the same standard used by banks and financial institutions. At rest, your database records and stored files are encrypted with AES-256, the industry-standard algorithm used by governments and Fortune 500 companies.
Sensitive credentials like Google OAuth tokens (used for Drive import) are encrypted with AES-256-GCM before being stored, using a per-installation key that is never shared with third parties. Even in the unlikely event of a database breach, your tokens would be unreadable.
- TLS 1.3 for all data in transit — no unencrypted connections
- AES-256 encryption for all data at rest
- Google OAuth tokens encrypted with AES-256-GCM before DB storage
- Private chart images served via signed URLs with short expiry windows
ON trades
FOR ALL
USING (user_id = auth.uid());
-- Every query returns ONLY
-- the requesting user's rows
Your data is invisible to everyone else
Every database table in Repyrus is protected by Row-Level Security (RLS) — a Postgres feature that enforces data isolation at the database layer. Even if there were a bug in the application code, the database itself would return zero rows to any request that doesn’t match the authenticated user.
This is defense-in-depth: every query also filters by user ID at the application level, so there are two independent layers preventing data cross-contamination. No Repyrus employee can query your trade data without impersonating your authentication token.
- Row-Level Security on every database table
- Defense-in-depth: application + database both filter by user
- Supabase Auth with JWT — no session tokens stored in browser localStorage
- Two-factor authentication via authenticator app
Always available. Always backed up.
Your trading journal needs to be accessible when you’re in the middle of a trade session. Repyrus is built on infrastructure with a 99.9% uptime SLA — backed by Supabase’s global Postgres network and Cloudflare’s edge network for images.
Daily Backups
Your database is backed up automatically every day with point-in-time recovery. In the extreme event of data loss, we can restore to any point within the last 30 days.
99.9% Uptime SLA
Repyrus is hosted on Supabase's globally distributed infrastructure with built-in redundancy. We monitor uptime 24/7 and alert the team to any issues before users notice.
Real-Time Sync
Log a trade on your desktop. It's instantly available on your laptop, tablet, and phone. No manual sync, no export/import cycle — your journal is always up to date on every device.
We don’t sell your data. Ever.
Repyrus is a subscription business. Our revenue comes from users who find the product valuable — not from selling trading data to financial institutions, advertisers, or data brokers. Your P&L, your strategies, your psychology notes: none of this is ever shared or sold.
We are GDPR compliant. If you’re based in the EU, you have the right to request a complete export of all data we hold about you, and the right to request deletion of your account and all associated data — both of which can be done from your settings page without contacting support.
- Your data is never sold or shared with third parties
- GDPR: request full data export from Settings at any time
- GDPR: request account and data deletion from Settings
- We collect only what is necessary to operate the service
- No advertising trackers or behavioral analytics on authenticated pages
Security Specification
Trade with confidence
Your trading data is some of the most sensitive financial information you generate. Repyrus was built with security as a core requirement — not an upgrade tier. Start your free account today.