Canadian Hosting
Vynn.AI runs on DigitalOcean infrastructure in Toronto, Canada. The production application host and managed PostgreSQL database are both deployed in the Toronto region so the core platform stays in Canada.
Security&Compliance
The platform is operated on Canadian infrastructure with protected dashboard access, API request controls, and a privacy posture built for enterprise procurement review.
Security Practices
Proven controls that exist in the current production platform.
Dashboard Authentication
The customer dashboard uses Clerk authentication. Protected dashboard and onboarding routes are enforced by middleware, and organization membership is used to scope team access inside the product.
Backend API Access
FastAPI routes are protected by API key authentication when enabled. The website keeps backend credentials server-side rather than exposing them in the browser, and Integrate access is being formalized around managed API credentials.
Request Safeguards
Browser access to backend routes is restricted through configured CORS allowlists. The backend also supports sliding-window rate limiting and emits rate-limit headers so clients can detect and respect request ceilings.
Traceability
The backend assigns or echoes an X-Request-ID on requests and carries that identifier into logs and error responses for troubleshooting. This gives operators a stable request reference when investigating errors or stale-data reports.
Freshness Monitoring
Operational health checks monitor sweep freshness across 5 Canadian time zones. Zones are flagged stale after 36 hours without fresh data, providers after 48 hours, and degraded states surface through the health API instead of being hidden.
Compliance Context
Privacy and procurement context for enterprise buyers.
PIPEDA Alignment
Vynn.AI operates as a Canadian B2B grocery pricing platform and aligns its privacy practices with PIPEDA. Our public privacy commitments are documented on the privacy page.
Data Scope
The dataset is built around product, retailer, region, price, and promotion fields. It is not consumer purchase-history data, payment data, or loyalty-program data.
Data Minimization
Customer-facing workflows focus on the data needed for price intelligence and reporting: current price, base price, promotion context, location, and freshness metadata. Unknown or unverified observations are meant to stay labeled or excluded, not silently guessed.
Procurement Review
Enterprise buyers who need security review materials or a vendor questionnaire can contact Vynn.AI through the contact page or by emailing [email protected].
Need a security review?
If your team needs procurement answers, a questionnaire review, or a data-residency discussion, contact us directly.
Questions about our security practices?
Contact us for a procurement review, vendor questionnaire, or data-residency discussion.