Trust Center

How We Protect Your Restaurant's Data

You're trusting us with sales, staff, and payroll information. Here's exactly how that's handled — no vague promises.

🔒 Isolated per restaurant

Each restaurant's data lives in its own separate database. Your sales, labor, and staff records are never mixed with another restaurant's, and a query for one location cannot reach another's data.

🔐 Encrypted in transit

The DISHROW site and application are served over HTTPS/TLS. Login sessions use secure, HTTP-only cookies that aren't accessible to page scripts.

🔑 Access control by role

Staff accounts are scoped by role — admin, manager, or staff — so a manager can run operations without seeing financials, and line staff can only reach the clock-in portal.

🔐 Passwords & login protection

Passwords are hashed with bcrypt, never stored in plain text. Logins are rate-limited, and the staff clock-in portal locks a device after repeated failed PIN attempts.

💾 Backups

Data is backed up on a regular automated schedule, with the ability to restore in the event of an outage or data loss.

📋 Audit logging

Key account and data changes are logged, so there's a record of who changed what and when.

Who has access to your data

Only DISHROW personnel who need it for support or maintenance can access restaurant data, and only as needed. We don't sell your data, and we don't use it to train anything shared with other customers. Billing is processed by Stripe — DISHROW does not store your card numbers directly.

Where things are heading

DISHROW is a growing company, and we'll expand this page as we add formal third-party security audits and certifications. If you need specific documentation for your own compliance process right now, email us — we're happy to walk through our setup directly.

Have a security question?

Talk to us directly, before you sign up.

Email hello@dishrow.com →