Security & Compliance Overview

iShopMaster is built so that each business’s data stays private, staff access is controlled, and sensitive actions are recorded. This overview describes the assurances the platform provides to business owners.

Data isolation

Each business’s data is isolated from every other business on the platform, so one tenant can never access another’s records.

Role-based access control

Access is governed by roles and permissions so staff only see and do what their job requires.

Roles & permissions: Granular permissions cover viewing, creating, editing, deleting, approving and exporting.
Branch scope: Staff are scoped to their branch; managers to their assigned branches; owners/HQ to the whole business.
Approvals: Sensitive operations can require supervisor approval, with per-branch approval limits.

Audit trail

Sensitive actions — including price changes, cash-drawer access and repair custody changes — are recorded so the business has a forensic record of who did what and when.

Protection of sensitive data

Customer and device credentials captured during repair intake are encrypted, passwords are securely hashed, and cash-control overrides are protected by a supervisor PIN.

Frequently Asked Questions

Is my business data isolated from other businesses?

Yes. Each business is an isolated tenant; data is never shared between businesses on the platform.

Can I control what my staff can access?

Yes. Role-based permissions and branch scoping ensure staff only access what their role and location allow, with approvals for sensitive actions.

Are sensitive actions recorded?

Yes. A forensic audit trail records sensitive actions such as price changes, cash access and repair custody changes.