Trust Center

Casewyze Data & Security

Casewyze is built for private investigators and investigative teams that manage sensitive clients, subjects, evidence, reports, billing records, and case activity. Security is handled as part of the product design, not as a separate afterthought.

The platform uses secure cloud infrastructure, authenticated access, organization-level data separation, role-based permissions, and export-aware workflows to help teams protect investigative records from intake through closeout.

Encrypted Connections

All traffic between users and the Casewyze platform is encrypted using HTTPS/TLS encryption. This helps protect information transmitted between your device and our systems from interception or unauthorized access while in transit.

Secure Authentication

Casewyze uses secure authentication systems powered by Supabase Auth, including:

  • Secure password authentication;
  • Session management;
  • Multi-factor authentication (MFA) support;
  • Role-based access controls;
  • Secure token-based authentication.

User access can be restricted, modified, or revoked by authorized administrators at any time.

Role-Based Access Controls

Casewyze includes permission and role management features that allow organizations to control access to data and functionality based on user roles and responsibilities.

For a deeper operational view, read our guide to role-based permissions in investigation case management.

This helps organizations:

  • Restrict sensitive case access;
  • Limit administrative privileges;
  • Separate client, investigator, vendor, and staff permissions;
  • Reduce unauthorized internal access risks.

Database Security

Casewyze utilizes Supabase PostgreSQL infrastructure with Row Level Security (RLS) policies to help isolate organizational data and restrict unauthorized database access.

Security configurations are designed to help ensure users only access data authorized for their organization and assigned permissions.

Investigation Case Data Handling

Investigation records often combine client information, subjects, vehicles, devices, contacts, surveillance notes, tasks, calendar events, expenses, invoices, and case updates. Casewyze keeps these records organized around the case so access, context, and review history are easier to manage.

Structured records reduce the security risk created by scattered spreadsheets, inboxes, shared drives, and disconnected billing tools. Teams can review who should have access to the case, what information belongs with the file, and which records need to be protected before they are shared outside the organization.

Evidence & Export Controls

Casewyze supports evidence-aware workflows that help teams keep files connected to the relevant case record. Attachments, reports, folders, tags, and access labels are managed in the same workspace as the investigation, reducing the chance that sensitive material is separated from its context.

Exported records require customer-controlled handling. Agencies should limit who can download files, document material exports when needed, and store exported reports or evidence in approved locations. For broader evidence handling practices, see our guide to digital evidence and chain of custody.

Encryption at Rest

Data stored within Supabase-managed databases and storage systems is encrypted at rest using industry-standard encryption technologies provided by the cloud infrastructure providers supporting the platform.

Infrastructure Security

Netlify and Supabase maintain cloud infrastructure designed with security protections including:

  • Network monitoring;
  • Infrastructure access controls;
  • Automated platform updates;
  • Security patching;
  • DDoS mitigation capabilities;
  • Logging and monitoring systems.

Backup & Reliability

Casewyze utilizes cloud-hosted infrastructure with redundancy and backup capabilities designed to support platform reliability and data recovery efforts.

While no cloud platform can guarantee uninterrupted availability, our infrastructure providers are designed to support high availability and operational continuity.

API & Integration Security

API access is secured using authenticated access tokens and permission controls. Customers are responsible for protecting their API credentials and limiting access to authorized systems and personnel.

Account Security Features

Casewyze supports security-focused account management features including:

  • Password-based authentication;
  • Multi-factor authentication support;
  • Session management;
  • User access revocation;
  • Organization-based access separation;
  • Audit logging capabilities.

Administrative Controls

Agency owners and managers need practical controls that match real investigative work. Casewyze is designed to separate administrative users, investigators, vendors, staff, and client contacts so teams can grant access based on actual responsibilities.

  • Separate accounts for individual users;
  • Organization-level access boundaries;
  • Role and permission management;
  • Case-centered activity visibility;
  • Revocation workflows for former staff or vendors.

These controls support the broader oversight workflows described on the Casewyze features page.

Incident Reporting

If you believe a Casewyze account, workspace, exported file, or integration credential may have been exposed, contact us promptly so the issue can be reviewed. Include the affected organization, user accounts, approximate timing, and any relevant technical details.

For urgent security concerns, use the contact page and include "Security" in the message so the request can be routed appropriately.

Shared Responsibility

While Casewyze implements technical safeguards designed to protect customer information, security also depends on customer-controlled practices such as:

  • Maintaining strong passwords;
  • Enabling MFA where available;
  • Restricting user permissions appropriately;
  • Managing former employee access;
  • Protecting exported files and downloaded records.

Compliance & Security Practices

Supabase and Netlify maintain security and compliance programs designed to support modern cloud application security practices. Additional information regarding their infrastructure and compliance programs can be found directly through their respective security documentation. Casewyze also follows the broader direction of CISA Secure by Design guidance for reducing preventable security risk.

Security is a shared discipline. Casewyze provides platform safeguards and access controls, while customers remain responsible for configuring permissions, enabling available protections, and handling exported records securely.