Every dealership’s data is walled off at the database level
Multi-tenancy isn’t enforced by careful application code alone — it’s enforced by the database itself. The app connects under a restricted Postgres role that cannot bypass row-level security, and every tenant query runs inside a scoped transaction tied to your dealer ID. A query that isn’t properly scoped returns zero rows or is denied outright, by design.
- Postgres row-level security (RLS) policies scope every tenant table to one dealership
- App runs under a NOBYPASSRLS database role — it physically cannot read across tenants
- Every query passes through a per-dealer scoped transaction, not just a WHERE clause
- Multi-location support under a single dealership account, still inside your tenant boundary
Sensitive fields encrypted, accounts protected by MFA
The most sensitive customer and dealer data is encrypted at rest with authenticated AES-256-GCM at the data-access boundary, so it’s stored as ciphertext rather than readable text. Staff accounts can be protected with time-based multi-factor authentication, and the keys behind MFA secrets and PII fields are derived independently from a single master secret.
- AES-256-GCM encryption at rest for dealer EIN and customer date-of-birth and driver’s-license fields
- Authenticated encryption (tamper-evident) with per-purpose key derivation
- Time-based one-time-password (TOTP) multi-factor authentication for staff sign-in
- Encryption applied automatically at the repository boundary — not something staff has to remember
Right access for each role, and a record of everything
Assign each team member one of four roles — owner, manager, sales, or accounting — and the platform gates services and AI actions accordingly. Every meaningful change writes to an append-only audit log, so you can reconstruct who did what and when. If you ever need to hand over or remove a customer’s data, a per-dealer export is built in.
- Four fixed staff roles: owner, manager, sales, accounting — gating both the app and AI actions
- Full audit log written on every create, update, and delete
- AI never mutates your data without an explicit approval (propose → approve → execute)
- Per-dealer data-subject (DSAR) export for handling customer data requests
Dealer data security FAQ
How your data is protected — stated plainly, limits included.
How is my dealership’s data kept separate from other dealers?
At the database level. Every tenant table is governed by Postgres row-level security, and the application connects under a database role that cannot bypass those policies. Each query runs inside a transaction scoped to your dealer ID, so a query that isn’t correctly scoped to your dealership returns nothing rather than another dealer’s records. It’s a hard boundary, not a convention.
What data is encrypted, and how?
The most sensitive identifiers — your dealership’s EIN and each customer’s date of birth and driver’s-license number — are encrypted at rest with AES-256-GCM (authenticated encryption) at the data-access boundary, so they’re stored as ciphertext. Note this is targeted field-level encryption for those fields plus MFA secrets; we don’t claim blanket encryption of every column in the database.
Can I set granular, custom permissions for each employee?
Not today — and we’d rather be straight about it. There are four fixed roles (owner, manager, sales, accounting) that gate what staff and the AI can do. There is no custom permission builder or per-field permission editor yet. If your team needs finer-grained control than four roles provide, this may be a current limitation for you.
Do you offer SSO, SAML, SCIM, or a SOC 2 report?
No. We do not currently offer single sign-on (SSO/SAML), SCIM user provisioning, or a surfaced SOC 2 attestation. Sign-in security is email/password plus optional TOTP multi-factor authentication. If your procurement process strictly requires SSO or a SOC 2 report, we’re not there yet — independent and BHPH dealers are our core ICP, and we’ve prioritized accordingly.
Can I get an audit trail and export a customer’s data?
Yes. Every meaningful change is recorded in an append-only audit log so you can see who changed what and when. For data requests, there’s a per-dealer data-subject (DSAR) export. We are not a law firm and don’t provide legal or compliance advice — you remain responsible for how you handle and respond to data requests under applicable law.
AutoDealer.io provides software for dealers and is not a law firm, security auditor, or compliance consultancy, and does not provide legal or compliance advice. Security features described here (per-dealer isolation, field-level encryption, MFA, role-based access, and audit logging) are platform capabilities, not a certification or guarantee; we do not currently offer SSO/SAML, SCIM, or a published SOC 2 attestation. You remain responsible for your own data-handling, access, and regulatory obligations.
Explore the platform
Dealer management software
All-in-one DMS for independent used-car dealers
Learn moreDealer website builder
Hosted, SEO-ready dealer websites with your inventory
Learn moreAI dealer assistants
Shopper + staff AI with propose-approve-execute control
Learn moreDealer inventory software
VIN auto-decode, photos, costs, AI listings + syndication
Learn moreAuto dealer CRM
Leads with source tracking, deals, customers, and follow-up
Learn moreBuy here pay here software
In-house loan servicing for BHPH dealers
Learn moreF&I & desking software
Desk deals to OTD, F&I products, e-sign + auto-filled forms
Learn moreDealer compliance software
OFAC screening, Red Flags ID checks, FTC notices & audit log on every deal
Learn moreDMV & title software
Title work auto-starts on sale, ages against its SLA, forms auto-filled
Learn moreFloor plan management software
Lines & lenders, curtailment due dates, payoffs & floor-plan aging
Learn moreDealership reporting software
Gross, turn, lead funnel, title SLA + QuickBooks journal CSV export
Learn moreSee how your data is protected
Start a free trial and explore the platform — per-dealer isolation, encrypted PII, MFA, roles, and the audit log are part of every account. No setup fees, cancel anytime.