Security & Trust
Commission numbers are people’s paychecks. Here’s how we protect them — in plain language, claiming only what we actually do, with the specifics your security team will ask about anyway.

What We Actually Do
Every payout traces to the source deal, the rate, and the rule that produced it — through every calculation step. Each pay run snapshots the exact rules in force, so “what was active when this rep got paid?” always has a precise answer. That's not a reporting feature; it's the architecture.
Reps see their own earnings and nothing else — enforced by row-level security in the database itself, not just hidden in the interface. Admin, manager, and payroll roles gate every sensitive action, and joining an org requires an invitation approved by your admin.
Any org can require two-factor authentication for its admins and managers — flip it on and they can't touch admin screens or admin APIs until they've enrolled. The last factor can't be quietly removed while the requirement is active.
TLS on every connection, AES-256 encryption at rest, and integration credentials (like CRM OAuth tokens) additionally encrypted before they're stored. Session-replay diagnostics mask all text and input by default — we can debug without reading your numbers.
Today Commish's application compute and database both run in Canadian regions. The one exception is AI requests, which go to our AI provider's US API (see the vendor list below). Enterprise plans can choose their data residency. Either way, you know where your payroll data lives, and it isn't “wherever.”
AI features (like describing a comp plan in plain English) run server-side on Commish's own API key, and per our provider's API terms your data isn't used to train models. AI features are conveniences on top of the engine; the math never depends on them.
Under The Hood
No Mystery Middlemen
Four vendors, each with one job. That’s the whole list of services that process customer data.
| Vendor | What they do for us | Where / how |
|---|---|---|
| Vercel | Application hosting | Montréal, Canada (yul1) |
| Supabase | Database & authentication | Canada (Central) |
| Anthropic | AI features only, via API | US — not used to train models |
| Sentry | Error monitoring | Text & inputs masked by default |
As of July 2026. If this list changes, existing customers hear about it from us first — not from a diff of this page.
No Pitch, Just Answers
No. A rep's session can only read their own earnings. The restriction is a row-level security policy in the database, so a bug in the application layer still can't hand one rep another rep's statement: the database simply doesn't return the rows.
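To make "the restriction is a database policy" concrete, here is an added illustration of the technique in Supabase-flavoured Postgres. It is not Commish's own schema: the `statements` and `org_members` tables, their columns, the role names, and the sample rows are all assumed for the example. It relies on Supabase's `auth.uid()` helper (which reads the caller's user id from the request JWT) and on the `authenticated` role existing; on plain Postgres you would substitute something like `current_setting('app.user_id')::uuid`.

```sql
-- Added example, not Commish's schema. Names, roles and sample data are assumed.
create table org_members (
  org_id   uuid not null,
  user_id  uuid not null,
  role     text not null check (role in ('rep', 'manager', 'admin', 'payroll')),
  primary key (org_id, user_id)
);

create table statements (
  id            bigint generated always as identity primary key,
  org_id        uuid not null,
  rep_id        uuid not null,     -- the rep's auth user id
  period_start  date not null,
  amount_cents  bigint not null
);

-- Constructed sample data: two reps and one payroll user in one org.
insert into org_members values
  ('00000000-0000-0000-0000-0000000000a1', '00000000-0000-0000-0000-000000000001', 'rep'),
  ('00000000-0000-0000-0000-0000000000a1', '00000000-0000-0000-0000-000000000002', 'rep'),
  ('00000000-0000-0000-0000-0000000000a1', '00000000-0000-0000-0000-000000000009', 'payroll');
insert into statements (org_id, rep_id, period_start, amount_cents) values
  ('00000000-0000-0000-0000-0000000000a1', '00000000-0000-0000-0000-000000000001', '2026-06-01', 412500),
  ('00000000-0000-0000-0000-0000000000a1', '00000000-0000-0000-0000-000000000002', '2026-06-01', 398000);

-- Once RLS is on, a role with no matching policy gets zero rows from every
-- SELECT and zero rows affected by every INSERT/UPDATE/DELETE.
alter table statements  enable row level security;
alter table org_members enable row level security;

-- Reps: SELECT only rows whose rep_id is the caller. There is deliberately
-- no write policy for reps at all.
create policy rep_reads_own_statements on statements
  for select to authenticated
  using (rep_id = auth.uid());

-- Admin/payroll: every statement in an org where they hold that role.
-- The subquery itself runs under RLS, hence the org_members policy below.
create policy payroll_reads_org_statements on statements
  for select to authenticated
  using (exists (
    select 1 from org_members m
    where m.user_id = auth.uid()
      and m.org_id  = statements.org_id
      and m.role in ('admin', 'payroll')));

create policy member_reads_own_row on org_members
  for select to authenticated
  using (user_id = auth.uid());

-- Check it from psql: impersonate rep ...0002 for one transaction, the way
-- Supabase sets the JWT claims per request (claim key assumed from auth.uid()).
begin;
  set local role authenticated;
  select set_config('request.jwt.claims',
                    '{"sub":"00000000-0000-0000-0000-000000000002","role":"authenticated"}',
                    true);
  select rep_id, amount_cents from statements;
  -- Exactly one row (rep ...0002). Filtering explicitly for rep ...0001 returns
  -- nothing, and "update statements set amount_cents = 0" reports UPDATE 0.
rollback;
```

One general caveat that applies to any RLS setup, not a claim about Commish: the policy constrains only connections that run as the end user's role. A connection that uses a service or superuser credential bypasses RLS and sees every row, so such credentials belong in trusted server-side jobs, never in the request path that serves a rep's session.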
Only admins and managers can change rules, and every pay run snapshots the rules it used. If a rule changes between runs, the before and after are both on record — attached to the runs they governed.
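As an added illustration of the snapshot pattern described above (not Commish's own schema; the table names, columns, trigger and sample rows are assumed), this is one way to make "which rules governed this run" a question the database answers by itself, with the frozen copy protected from later edits:

```sql
-- Added example, not Commish's schema. Names and sample data are assumed.
-- Rules are never updated in place: an edit closes the old row's validity
-- window and opens a new row, so history is never overwritten.
create table comp_rules (
  id          bigint generated always as identity primary key,
  org_id      uuid not null,
  name        text not null,
  rate        numeric(6,4) not null,       -- 0.0500 = 5 %
  valid_from  timestamptz not null default now(),
  valid_to    timestamptz                  -- null = still active
);

create table pay_runs (
  id          bigint generated always as identity primary key,
  org_id      uuid not null,
  cutoff_at   timestamptz not null,
  created_at  timestamptz not null default now()
);

-- Frozen copy of every rule a run used. Append-only by trigger below.
create table pay_run_rules (
  pay_run_id  bigint not null references pay_runs(id),
  rule_id     bigint not null references comp_rules(id),
  name        text not null,
  rate        numeric(6,4) not null,
  primary key (pay_run_id, rule_id)
);

create function reject_change() returns trigger language plpgsql as $$
begin
  raise exception 'pay_run_rules is append-only';
end $$;

create trigger pay_run_rules_immutable
  before update or delete on pay_run_rules
  for each row execute function reject_change();

-- Constructed sample: a 5 % rule active all of June, replaced by 6 % on July 1.
insert into comp_rules (org_id, name, rate, valid_from, valid_to) values
  ('00000000-0000-0000-0000-0000000000a1', 'new-business', 0.0500, '2026-01-01', '2026-07-01'),
  ('00000000-0000-0000-0000-0000000000a1', 'new-business', 0.0600, '2026-07-01', null);

-- Creating a run and snapshotting the rules active at its cutoff is one
-- statement, so there is no window in which a run exists without its rules.
with run as (
  insert into pay_runs (org_id, cutoff_at)
  values ('00000000-0000-0000-0000-0000000000a1', '2026-06-30 23:59:59+00')
  returning id, org_id, cutoff_at
)
insert into pay_run_rules (pay_run_id, rule_id, name, rate)
select run.id, r.id, r.name, r.rate
from run
join comp_rules r on r.org_id = run.org_id
where r.valid_from <= run.cutoff_at
  and (r.valid_to is null or r.valid_to > run.cutoff_at);

-- "What was active when this run paid out?" reads only the snapshot, so the
-- answer stays 5 % for this run no matter what happens to comp_rules later.
select name, rate from pay_run_rules where pay_run_id = 1 order by name;
```

The trigger is what turns "we keep the before and after" from a habit into a property: once a run is created, the only way to change what it paid against is to create a new run.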
Yes. Your deals, runs, and statements are exportable, and if you leave we'll delete your data on request. It's your payroll history, not our hostage.
AI features process your data server-side through Commish's own API key, and per our provider's API terms it isn't used to train models. The calculation engine itself never depends on AI — the math is deterministic and auditable.
Yes, completely and quickly. Send it to ricki@getcommish.com. We'd rather spend an afternoon on your questionnaire than have you guess.

No Badge Wall
We don’t have a SOC 2 badge yet. We’d rather tell you that than imply otherwise.
We’re an early company, and formal certification is on the road, not on the wall. What we have today is everything above, running in production — plus the audit habit that keeps it true. If your process needs a security questionnaire filled out, send it — we’ll answer it completely and quickly. And if you find something we should fix, tell us — we take that seriously.
Get Started
Bring the team — we’ll walk through all of it on a call.