Last updated April 17, 2026

Security at Ruberis

Ruberis is built so that the default setting is safe. Teachers can only see their own classes. Students don’t have accounts to compromise. AI proposes scores but never releases them.

Our posture

Our security model is stricter than most ed-tech products because the audience is K–12 writing teachers. The principles we hold ourselves to:

  • Collect the minimum PII necessary to operate the service.
  • Row-level security on every database table by default.
  • Teacher judgment is authoritative — AI never auto-releases.
  • Audit trail for every grading decision and every admin action.
  • Treat every outage, leak, or permissions bug as a launch blocker, not a backlog item.

Teacher data isolation

Ruberis stores data in a single Postgres database managed by Supabase. Every table has row-level security (RLS) enabled. Policies are defined so that a signed-in teacher can only read and write rows where they are the owner. Service-role access is restricted to server-side code the teacher cannot reach directly.

We test these policies in CI by impersonating one teacher and asserting that they can neither read nor write another teacher’s classes, assignments, rubrics, or submissions.
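The shape such policies and such a CI check take, as an added example rather than Ruberis’s own migrations or test suite. It assumes Postgres under Supabase, specifically the auth.uid() helper (the caller’s user id taken from the request JWT), the standard authenticated role for signed-in teachers, and the request.jwt.claims setting that PostgREST populates. The table names and the two teacher ids are constructed for the example; a real schema would also reference auth.users and carry rubrics, which are left out for brevity.

```sql
-- Added example, not Ruberis's migrations. Assumes Supabase's auth.uid() and
-- its `authenticated` role; ids below are made up for the test.
create table classes (
  id         uuid primary key default gen_random_uuid(),
  teacher_id uuid not null,      -- would reference auth.users(id) in a deployment
  name       text not null
);
create table assignments (
  id       uuid primary key default gen_random_uuid(),
  class_id uuid not null references classes (id) on delete cascade,
  title    text not null
);
create table submissions (
  id            uuid primary key default gen_random_uuid(),
  assignment_id uuid not null references assignments (id) on delete cascade,
  student_label text not null,   -- teacher-chosen identifier, not a login
  essay         text not null
);
grant select, insert, update, delete on classes, assignments, submissions to authenticated;

-- RLS is off until enabled; a granted table without it is readable by every
-- signed-in teacher. Enable it first, then write the policies.
alter table classes     enable row level security;
alter table assignments enable row level security;
alter table submissions enable row level security;

-- Ownership lives on classes. USING filters reads, WITH CHECK filters writes.
create policy classes_owner on classes for all to authenticated
  using (teacher_id = auth.uid())
  with check (teacher_id = auth.uid());

-- Child tables carry no teacher_id; they walk up to the owning class. The
-- subquery runs under the caller's own RLS, so it can only find their classes.
create policy assignments_owner on assignments for all to authenticated
  using (exists (select 1 from classes c
                 where c.id = assignments.class_id and c.teacher_id = auth.uid()))
  with check (exists (select 1 from classes c
                      where c.id = assignments.class_id and c.teacher_id = auth.uid()));
create policy submissions_owner on submissions for all to authenticated
  using (exists (select 1 from assignments a join classes c on c.id = a.class_id
                 where a.id = submissions.assignment_id and c.teacher_id = auth.uid()))
  with check (exists (select 1 from assignments a join classes c on c.id = a.class_id
                      where a.id = submissions.assignment_id and c.teacher_id = auth.uid()));
-- Caveat: Supabase's service_role bypasses RLS entirely. Server-side code that
-- uses it gets none of the above and must check ownership itself.

-- Isolation test of the kind CI runs (plain SQL; pgTAP would wrap the same
-- assertions). Seed as the migration role, then become teacher A, then roll back.
begin;
insert into classes (id, teacher_id, name) values
  ('aaaaaaaa-0000-0000-0000-000000000001', '11111111-1111-1111-1111-111111111111', 'A period 1'),
  ('bbbbbbbb-0000-0000-0000-000000000001', '22222222-2222-2222-2222-222222222222', 'B period 1');
insert into assignments (id, class_id, title) values
  ('aaaaaaaa-0000-0000-0000-000000000002', 'aaaaaaaa-0000-0000-0000-000000000001', 'Essay 1'),
  ('bbbbbbbb-0000-0000-0000-000000000002', 'bbbbbbbb-0000-0000-0000-000000000001', 'Essay 1');

-- Impersonate teacher A the way PostgREST does: switch role, then load the claims.
set local role authenticated;
select set_config('request.jwt.claims',
  '{"sub":"11111111-1111-1111-1111-111111111111","role":"authenticated"}', true);

do $$
begin
  -- Reads: exactly teacher A's rows, never teacher B's.
  if (select count(*) from classes) <> 1 or (select count(*) from assignments) <> 1 then
    raise exception 'cross-tenant read: % classes, % assignments visible',
      (select count(*) from classes), (select count(*) from assignments);
  end if;
  -- Writes: attaching a submission to teacher B's assignment must fail WITH CHECK.
  begin
    insert into submissions (assignment_id, student_label, essay)
      values ('bbbbbbbb-0000-0000-0000-000000000002', 'S1', 'text');
    raise exception 'cross-tenant insert was allowed';
  exception when insufficient_privilege then
    null;  -- expected: "new row violates row-level security policy"
  end;
end $$;
rollback;
```

The test runs as a transaction so it leaves no rows behind and fails the CI job on the first raise. The write check matters as much as the read check: a policy with USING but no WITH CHECK lets a teacher insert rows they cannot subsequently see, which is still a cross-tenant write.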

Encryption

All traffic between your browser and Ruberis uses TLS 1.2 or later. Data at rest in our managed Postgres is AES-256 encrypted by Supabase. Backups are encrypted using the same standard and retained according to Supabase’s backup policy.

Authentication

Teacher authentication uses Supabase Auth with email + password over TLS. Sessions are stored in HTTP-only cookies. We refresh session tokens on every request in middleware so a stolen token has a short useful lifetime. We’ll support SSO (Google, Microsoft) on the School plan.

Student sessions

Students join with a class code and a teacher-chosen identifier, with no email and no password. Their session lives in a cookie scoped to a single class. This means there is no per-student password to phish, share, or leak.

Hosting and sub-processors

Ruberis runs on infrastructure from a small set of vetted providers:

  • Vercel / Railway — serves the web app and background worker in US regions.
  • Supabase — managed Postgres, authentication, and file storage.
  • Anthropic — the grading model provider. Essay text is sent per request and not retained for training.
  • Stripe — payment processing. No card numbers ever touch Ruberis servers.

A signed DPA is available for schools and districts; send us a message to request one.

AI boundary

The AI grading model sees an essay and a rubric and returns scores with evidence. It does not see teacher account data, student identifiers, or other essays outside the one it’s grading. Our contract with our model provider prohibits using Ruberis traffic to train general-purpose models.

Every AI response is stored with the exact prompt and rubric that produced it so we can reproduce any decision a teacher questions.

Auditability

Every proposed score, every teacher override, and every admin-initiated action is logged. If a parent, student, or school asks why a score came out a particular way, we can show the rubric that graded it, the essay at the time of grading, and the teacher action that released the score.
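How the two guarantees above (the AI output is stored with the exact prompt and rubric that produced it, and every release is a logged teacher action) can be enforced in the database rather than only in application code, as an added example that is not Ruberis’s schema. It assumes Postgres under Supabase with the auth.uid() helper, a grading_worker role for the server-side job that calls the model and an authenticated role for teachers; both role names and the sample uuids are constructed for the example. Per-teacher row-level policies on these tables are omitted so the release invariant stays in focus; a deployment needs them as well.

```sql
-- Added example, not Ruberis's migrations. Assumes Supabase's auth.uid() and
-- two roles: grading_worker (model-calling job) and authenticated (teachers).

-- One row per model call, holding the inputs verbatim so the decision can be
-- replayed later. Nobody is granted update or delete on it.
create table grading_runs (
  id              uuid primary key default gen_random_uuid(),
  submission_id   uuid not null,
  model           text not null,
  prompt          text not null,       -- exact prompt sent to the model
  rubric_snapshot jsonb not null,      -- rubric as it was at grading time
  essay_snapshot  text not null,       -- essay as it was at grading time
  proposed_scores jsonb not null,      -- model output, including its evidence
  created_at      timestamptz not null default now()
);

-- The released score. Either nothing is released, or a teacher id and time go
-- with it; the constraint makes a release without an author unrepresentable.
create table scores (
  submission_id  uuid primary key,
  grading_run_id uuid not null references grading_runs (id),
  final_scores   jsonb,
  released_by    uuid,
  released_at    timestamptz,
  constraint release_is_attributed check (
    (final_scores is null and released_by is null and released_at is null) or
    (final_scores is not null and released_by is not null and released_at is not null))
);

create table audit_log (
  id      bigint generated always as identity primary key,
  at      timestamptz not null default now(),
  actor   uuid,                        -- teacher id from the JWT, null for the worker
  action  text not null,               -- INSERT / UPDATE / DELETE
  row_pk  uuid not null,
  old_row jsonb,
  new_row jsonb
);

-- Privileges carry the invariant: the worker can create runs and register a
-- pending score, and has no grant on the release columns at all.
revoke all on table grading_runs, scores, audit_log from grading_worker, authenticated;
grant select, insert on grading_runs to grading_worker;
grant select on scores to grading_worker;
grant insert (submission_id, grading_run_id) on scores to grading_worker;
-- Teachers read runs and scores and may touch only the release columns.
grant select on grading_runs, scores to authenticated;
grant update (final_scores, released_by, released_at) on scores to authenticated;

-- A release must be attributed to the teacher actually making the request,
-- not to whatever id the client sends.
create function enforce_release() returns trigger language plpgsql as $$
begin
  if new.final_scores is not null and new.released_by is distinct from auth.uid() then
    raise exception 'released_by must be the releasing teacher';
  end if;
  return new;
end $$;
create trigger scores_release before update on scores
  for each row execute function enforce_release();

-- Append-only audit trail. SECURITY DEFINER lets the trigger write to audit_log
-- even though neither application role holds insert on it.
create function log_score_change() returns trigger
language plpgsql security definer set search_path = public as $$
begin
  insert into audit_log (actor, action, row_pk, old_row, new_row) values (
    (nullif(current_setting('request.jwt.claims', true), '')::jsonb ->> 'sub')::uuid,
    tg_op,
    coalesce(new.submission_id, old.submission_id),
    to_jsonb(old), to_jsonb(new));
  return null;
end $$;
create trigger scores_audit after insert or update or delete on scores
  for each row execute function log_score_change();

-- A teacher releasing a score (run as `authenticated`; uuid is made up):
update scores
   set final_scores = '{"thesis": 3, "evidence": 4}',
       released_by  = auth.uid(),
       released_at  = now()
 where submission_id = 'cccccccc-0000-0000-0000-000000000003';

-- Answering "why did this score come out this way": inputs, output, release, history.
select r.model, r.prompt, r.rubric_snapshot, r.essay_snapshot, r.proposed_scores,
       s.final_scores, s.released_by, s.released_at, a.at, a.action, a.actor
  from scores s
  join grading_runs r on r.id = s.grading_run_id
  join audit_log a    on a.row_pk = s.submission_id
 where s.submission_id = 'cccccccc-0000-0000-0000-000000000003'
 order by a.at;
```

The point of putting the rule in grants, a check constraint and a trigger is that a bug in the worker cannot release a score: it has no privilege on the columns that would do so, and a row with a score but no teacher cannot exist. The audit trigger records the actor from the JWT claim, so a worker write (no claim) and a teacher write are distinguishable in the log.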

Incident response

If we discover a security incident that affects customer data, we notify affected teachers within 72 hours and publish a public post-mortem on the same timeline where it doesn’t compromise the investigation. School plan customers get a direct call from us, not an email.

Responsible disclosure

If you’ve found a vulnerability in Ruberis, please send us a message. We commit to acknowledging reports within one business day and to working in good faith with researchers. We don’t currently run a paid bug bounty, but we’ll publicly credit any confirmed finding with the researcher’s permission.