Grain Manager is in active beta. Built with growers in real harvests. Request early access →

Grain Manager
Request early access

Home · Security & data

Security & data

Your records, kept like they matter.

Grain Manager is built on standard, well-tested infrastructure used by thousands of businesses. Nothing exotic, nothing experimental. Your data is encrypted, backed up, and exportable at any time — and it stays yours.

Hosting

UK / EU managed cloud (Render)

Database

Managed Postgres with point-in-time recovery

File storage

Cloudflare R2 with private buckets

Encryption in transit

TLS 1.2+ on every connection

Encryption at rest

AES-256 across database and storage

Backups

Automated daily, retained 30 days minimum

How it's protected

The practical security picture.

Modern authentication

Email and password with strong hashing (Argon2 / bcrypt class). Optional two-factor authentication. Sessions expire sensibly. Password reset is rate-limited.

Per-account isolation

Every farm's data is logically isolated. Application-level checks make sure you can only see — and only edit — your own records.

Minimal access on our side

Production access is restricted to James for support purposes. Access is logged. We never read your records without a reason — and never without your knowledge.

Backups you can trust

Automated daily backups with point-in-time recovery on the database. File storage is replicated. We test restores periodically.

Patching and dependencies

Dependencies are monitored for known vulnerabilities. Security patches are applied promptly. The application stack is rebuilt and redeployed regularly.

You own the data

Your data is yours. Export to CSV any time. Cancel and take it with you. We do not sell, share, or train on your records.

UK GDPR

Plain-English data principles.

Grain Manager processes the records you put in — crop lots, contracts, passports, movements, and the contact details of the people you work with. It does so only to provide the service to you.

  • You're the controller of your farm's data. Grain Manager is the processor.
  • We process data only to provide the service, support you, and keep things secure.
  • We don't sell your data, share it with merchants, or use it for advertising.
  • We don't use your records to train AI or other models.
  • You can request export or deletion at any time by emailing sales@grainmanager.uk.
  • Sub-processors used to run the service (hosting, email delivery) are listed in the privacy notice.

Responsible disclosure

Found something? Tell us.

If you've found a security issue with Grain Manager, please email sales@grainmanager.uk with the words "Security report" in the subject. We'll get back to you quickly and work with you to address it. We don't run a bug bounty during the beta, but we'll acknowledge contributions in any release notes.

Read the privacy notice in full.

Drafted in plain English. Updated alongside the product as it grows.

Read privacy notice Read terms of use