Security and privacy

How BOS.dog protects facility data, parent information, and dog records.

Facility data isolation

BOS.dog is a multi-tenant system — every facility's data is completely isolated. Every single database query is scoped to the active facility, so a boarding center in Mumbai cannot see dogs, bookings, or care logs from a facility in Bangalore. This isn't just access control; it's built into the data layer itself.

Every facility's data is completely isolated at the database level

Parent access security

Parents don't use passwords. When a facility sends a portal link via WhatsApp, tapping it creates a secure session using an HMAC-signed cookie — a cryptographic signature that's verified on every page load. The session lasts 90 days and is scoped to the parent portal only. There's no password to forget, no account to hack, and no credentials stored in a database.

No passwords — cryptographic proof via signed cookies
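
The signed-cookie check described in this section, as an added sketch that is not BOS.dog's own code. The payload layout, field names, key handling and the `issueCookie`/`verifyCookie` helpers are assumptions made for illustration.

```javascript
const crypto = require('node:crypto');

// Assumed for this sketch: key handling, payload fields and the scope label.
const KEY = crypto.randomBytes(32);           // constructed key; a real server loads a persistent secret
const MAX_AGE_MS = 90 * 24 * 60 * 60 * 1000;  // 90-day session, as stated in the text
const SCOPE = 'parent-portal';

const sign = (body) => crypto.createHmac('sha256', KEY).update(body).digest('base64url');

// Cookie value is "<payload>.<tag>": the client can read the payload but cannot alter it without the key.
function issueCookie(parentId, now = Date.now()) {
  const body = Buffer.from(JSON.stringify({ sub: parentId, scope: SCOPE, exp: now + MAX_AGE_MS }))
    .toString('base64url');
  return `${body}.${sign(body)}`;
}

// Run on every request. Returns the payload, or null on any failure.
function verifyCookie(cookie, requiredScope, now = Date.now()) {
  if (typeof cookie !== 'string') return null;
  const parts = cookie.split('.');
  if (parts.length !== 2) return null;
  const expected = Buffer.from(sign(parts[0]));
  const given = Buffer.from(parts[1]);
  // Verify the signature first, in constant time, before trusting any field.
  if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) return null;
  let payload;
  try { payload = JSON.parse(Buffer.from(parts[0], 'base64url').toString('utf8')); } catch { return null; }
  if (!payload || payload.scope !== requiredScope) return null;  // portal cookie is useless elsewhere
  if (typeof payload.exp !== 'number' || now > payload.exp) return null;
  return payload;
}

// Constructed sample values: one valid cookie and three that must be rejected.
function demo() {
  const t0 = Date.UTC(2025, 0, 1);
  const cookie = issueCookie('parent-123', t0);
  const tag = cookie.split('.')[1];
  const forged = Buffer.from(JSON.stringify({ sub: 'parent-999', scope: SCOPE, exp: t0 + MAX_AGE_MS }))
    .toString('base64url');
  return {
    valid: verifyCookie(cookie, SCOPE, t0 + 1000),
    tampered: verifyCookie(`${forged}.${tag}`, SCOPE, t0 + 1000),  // payload swapped, old tag reused
    wrongScope: verifyCookie(cookie, 'staff', t0 + 1000),
    expired: verifyCookie(cookie, SCOPE, t0 + MAX_AGE_MS + 1),
  };
}
```

A cookie that is only signed stays valid until its expiry unless the server also keeps revocation state or rotates the key.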

Staff authentication

Facility staff sign in through Google OAuth — the same secure login used by Gmail, Google Workspace, and millions of other apps. Sessions last 30 days with daily refresh. Every action a staff member takes is checked against their role: owners see everything, managers run operations, and caretakers are restricted to care logging. This enforcement happens at both the page level and the server action level.

Authentication, authorization, and enforcement at every level

Share links

Report cards, daily updates, invoices, and intake forms are shared via token-based URLs. Each token is a random string that's impossible to guess — knowing one link doesn't reveal any others. Every share link can be expired (they default to 90 days) or revoked instantly by the facility. The system tracks views, so the facility knows when a parent has opened a shared link.

Every share link is random, expirable, revocable, and tracked

Document storage

KYC documents uploaded by parents (Aadhaar, PAN, driving license, etc.) are stored in cloud storage with access controls. Documents are only visible to the parent who uploaded them and to the staff of the facility they belong to — no other facility can see another facility's parent documents. Documents are never shared across facilities, and they follow the same data isolation rules as all other records in BOS.dog.
