Security
Last updated July 2026
Crewbound, a product of Penderra LLC, runs your business — so security isn't a feature, it's the foundation. Here's how we protect your data.
Tenant isolation by default
Every table carries a company identifier and every query is scoped by row-level security in the database. A request can only ever return the signed-in user's company's rows, so cross-company leakage is structurally prevented.
Encryption
Data is encrypted in transit with TLS and at rest by our infrastructure providers. Secrets like service keys stay server-side and are never shipped to the field app.
Access control
Access follows the owner / office / tech role model. Owners manage who can see and do what, and can revoke a member's access immediately. Sensitive keys are held only where they're needed.
Infrastructure
We build on managed, SOC 2–aligned infrastructure with automated backups and monitored, least-privilege access to production systems.
Responsible disclosure
Found a vulnerability? We want to hear about it. Email legal@penderra.com and we’ll respond promptly. Please give us a chance to fix issues before disclosing them publicly.
Crewbound is a product of Penderra LLC. This page is provided for general information and is not legal advice. Questions? Email legal@penderra.com.