Guardian Route is purpose-built for K-12 transportation, where student data protection is not optional. Every layer of the platform — from database to browser — is designed with security as a first-class requirement.
TLS 1.3 in transit. AES-256-GCM for credentials and API tokens at rest. All database connections encrypted.
Row-level security (RLS) on every table ensures districts can only access their own data. No shared data leakage paths.
6-tier role hierarchy with least-privilege defaults. MFA enforcement for administrative roles. Session management with AAL2.
Hosted on Vercel (SOC 2 Type II) and Supabase (SOC 2 Type II). Automatic security patches. No self-managed servers.
Student transportation data is treated as an educational record under FERPA (34 CFR § 99). Guardian Route operates as a school official with legitimate educational interest. We maintain strict access controls and audit logging for all student data operations.
All route changes, data imports, and administrative actions are recorded in an immutable audit trail. AI-generated queries and reports include execution logs with token usage and cost tracking.
If you discover a security vulnerability, please report it to security@guardianroute.app. We take all reports seriously and will respond within 48 hours.