Security
Reliable operations
Security first.
zocrew defaults to store-level data separation and role-based access. Protecting ops data is the starting point.
Security stack
Ops data protection
- Encrypted data at rest
- Separated access permissions
- Event log retention
- Multi-layer backups
Protection
Built-in safeguards
Data isolation
Data is separated by brand and store to prevent leakage.
Access control
Role-based permissions and join links limit access paths.
Audit logs
We record key events like schedule and attendance changes.
Backup & recovery
Critical ops data is backed up with recovery policies.
Security boundaries
What is available by default
Public baseline for data location, access control, audit logs, and enterprise-only extensions.
Data location and isolation
Service data is stored in the deployment environment's configured region and logically isolated by brand and store.
Access control model
Owner/Manager/Staff permissions are separated. Store-scoped access is enforced and cross-store access is blocked by default.
Audit log scope and retention
Key events such as schedule edits, attendance corrections, and permission changes are recorded and retained for operations review.
Enterprise-only scope
Requirements like custom retention windows, advanced compliance reporting, and private integration scope are handled via enterprise inquiry.
Compliance
Operational policy and security defaults
Core security defaults are available immediately. Enterprise certifications and controls are scoped via inquiry.
Security reviews
step 1Quarterly vulnerability and infrastructure checks.
Permission audits
step 2Regular admin permission reviews.
Incident response
step 3Ops team responds immediately to incidents.
Customer reporting
step 4We analyze impact and share transparent updates.
Next step