Backup + restore runbook
Supabase PITR (Point-In-Time Recovery) + nightly snapshots. AES-256 encrypted at rest. Quarterly restoration tests.
What we commit to
These commitments are written into the MSA / DPA at signing — published here so prospects can verify without needing the full playbook.
- Database: continuous PITR (any point in last 7 days) + nightly snapshot retained 30 days
- Object storage: AWS S3 versioning + cross-region replication
- AES-256 encryption at rest (AWS KMS-managed)
- Quarterly restoration tests with documented results
- Restoration support 24/7 on Enterprise tier; same-day on Pro
Full runbook available under NDA
Full runbook covers: 5 restore scenarios with target RTO each (single-row revert, table-level restore, full-database PITR, region-failure recovery, object-storage rollback), step-by-step Supabase + AWS console procedures, verification checklists, and the quarterly-test log template.
We previously published this runbook in full publicly. After a security review we've moved the implementation detail under NDA — pre-prepared, clickwrap NDA, typical turnaround 3 business days. The high-level commitments above stay public so you don't need the NDA pack just to verify the basics.
Request the full runbookPublic security artifacts (no request needed)
- ← Trust Center — controls, compliance status, verifiable parameters
- status.getleanos.com — real-time uptime + incident history
- Vulnerability disclosure policy — coordinated disclosure + safe harbor for researchers
- Subprocessors — every vendor that touches customer data