Security and trust

Useful intelligence without surrendering control of the shop.

ShopBrain is designed around clear boundaries: read-only operational access, private tenant data, protected credentials, human review, explainable findings, and Stripe-hosted billing.

The trust model

A boundary you can explain to your team.

Security is not one badge. It is the set of limits applied at connection, storage, access, review, analysis, and billing.

Read-only RepairDesk

ShopBrain uses supported read access for analysis. It does not create or edit tickets, invoices, customers, devices, inventory, or purchase orders in RepairDesk.

Separated workspaces

Tenant-aware database policies keep one shop’s operational records, imports, source documents, and intelligence separate from another shop.

Role-based access

Owners control team roles and permissions. Sensitive areas such as billing, security, team management, and audit history have tighter access.

Protected credentials

Integration credentials and service secrets stay on the server. They are never returned to browser code or displayed after storage.

Review before reporting

Uncertain document fields and part matches wait for human confirmation instead of silently changing margin or vendor conclusions.

Bounded AI use

GPT-4o mini assists with supported invoice extraction and plain-language explanation. Deterministic code performs the financial calculations and checks.

Data handling in plain English

Who handles what?

SystemResponsibility

RepairDesk

Remains the authoritative system for day-to-day repair operations. ShopBrain reads supported records and does not write changes back.

Supabase

Stores authenticated workspace, billing-status, operational, evidence, permission, and intelligence records under tenant-aware access controls.

Cloudflare

Runs the ShopBrain application and scheduled processing, serves private application routes, and stores protected recovery objects where configured.

OpenAI

GPT-4o mini assists with supported invoice extraction and validated finding explanations. It does not become the system of record or calculate the shop’s financial totals.

Stripe

Hosts checkout and billing management and stores complete payment-card details. ShopBrain stores only customer, subscription, and status references needed for access.

What ShopBrain is responsible for

Protecting application and server credentials

Enforcing workspace and role boundaries

Verifying signed Stripe webhooks

Keeping private files behind authorization

Flagging uncertain data for review

What the customer controls

Who can access the workspace

Which vendors may send purchasing email

Which source credentials are connected

Whether uncertain imports and matches are approved

Which recommendations the business acts on

Connect with clear boundaries from day one.

Start with every feature, every location, and unlimited usage. Connect real operating evidence and decide for yourself during a 30-day Full Access trial.

Cancel before the trial ends to avoid the first charge.