At Staff Track our fundamental belief is that your clients, invoices, quotes, price lists, HR files and team messaging only belong to you.Not “we promise not to look.” Staff Track can't look. Neither can a hacker who breaches external servers.
Most software protects your data from everyone except the company that provides it.
Staff Track built Enhanced Data Protection so the provider is locked out too.
Your passphrase becomes an AES-256 key on your own device — it never touches our servers. Customers, quotes, invoices, take-offs, HR records and pay details are sealed before they leave your browser or phone.
Messages, photos and voice notes are encrypted device-to-device. Staff phones carry hardware keys (Secure Enclave) authorised automatically — your crew signs in once and it just works. We relay ciphertext; we can’t read a word.
Our own support team can’t open an encrypted account without a one-time code only you can generate — and even inside, sealed data stays sealed and pay, prices and bank details stay masked. Access expires automatically.
Ask Staff Track to enable Enhanced Data Protection (EDP) in Settings and set your encryption passphrase. You get a one-time recovery key — store it safe.
Your company’s data encrypts automatically. One button seals your existing history too — customers, quotes, invoices, prices, HR, chat, files etc.
Staff phones receive hardware-backed keys automatically in the background. One login, nothing new to remember.
Quotes and invoices you send carry a one-off key inside the link itself — your customer reads a perfect document; our server never can.
The things that would actually hurt if they leaked.
| Staff Track | Typical trade platforms* | |
|---|---|---|
| Encrypted in transit & at rest | ✓ | Some- Maybe |
| Encryption keys held by you — the customer | ✓ | — |
| Provider (Staff Track) locked out of your data | ✓ | — |
| We can’t see your messages, photos, voice notes etc | ✓ | — |
| Only you grant us support access — it expires automatically, or you revoke it | ✓ | — |
| All your business and personal data masked from support | ✓ | — |
| Breach of provider exposes your business data | NO! | Yes — readable |
*Based on publicly available security documentation of leading job-management platforms for trades, June 2026. Standard server-side encryption protects against outsiders — not against the provider itself.
Serious cryptography is useless if your crew won't use it. So they'll never see it.
Employee phones hold chat keys in tamper-proof hardware — never your customer list, HR files or pricing. One tap in your device list revokes a lost phone for good.
Your one-time recovery key restores access in minutes. (Lose both and nobody on earth can recover the data — including us. That’s the guarantee working.)
Sealing happens in milliseconds on-device. Quotes send, jobs schedule, chat flows — your team won’t know it’s there, and your customers get perfectly readable documents.
It’s an optional upgrade you switch on per company. Ask Staff Track to flip it on in Settings, set your encryption passphrase, and press “Encrypt existing records” — your historic data seals too. Companies that don’t enable it keep working exactly as before.
When you enable encryption you get a one-time recovery key — store it somewhere safe (a password manager, a safe, your accountant). Either the passphrase or the recovery key unlocks your data. If you lose both, your sealed data is unrecoverable — by you, by us, by anyone. That’s not a limitation; it’s the proof the system works.
No. Staff sign in once, like always. Their phones carry hardware-backed device keys (Secure Enclave on iPhone) that are authorised automatically in the background — chat and the data they need just works, with nothing extra to type or remember.
Only if you let them in, and even then — no. Support can’t enter an encrypted account without a one-time access code that only you can generate, it expires automatically, and sealed data stays sealed the whole time. Pay rates, supplier prices and bank details are masked from support regardless.
No. Sealing and opening happens on your own device in milliseconds using hardware-accelerated AES-256-GCM — the same cipher class protecting online banking. You won’t notice it’s there. That’s the point.
Run your whole trade business — jobs, quotes, staff, chat — on a platform that treats your data like it's yours. Because now it actually is.