Your data is yours alone.
How Teslines keeps each agency's leads, properties, and conversations completely isolated, encrypted, and under your control.
Agency Data Isolation
Every agency on Teslines operates in a completely separate data environment. Your leads, property listings, deal pipeline, conversation history, legal records, and commission data are inaccessible to every other agency using the platform — not just hidden in the UI, but enforced at the database level.
This is implemented using Postgres Row-Level Security (RLS) policies applied to every table that holds agency data. RLS means that even if a query were constructed incorrectly at the application layer, the database itself would reject it and return no data for the wrong agency. There is no shared data table, no shared inbox, and no shared lead pool between agencies.
Teslines employees can only access an agency's data with that agency's explicit request, and only for the purpose of resolving a support issue.
Data Compliance
Encryption in transit. All communication between your browser or mobile device and Teslines is encrypted via HTTPS/TLS. WhatsApp messages are transmitted over Twilio's encrypted messaging infrastructure.
Encryption at rest. All data stored in the database — leads, conversations, property records, legal documents — is encrypted at rest using AES-256.
Infrastructure. Teslines is hosted on Vercel (application layer) and Supabase (database), both of which operate secure cloud infrastructure with regular automated backups and redundant storage.
Access controls. Production system access is restricted to authorised Teslines personnel and protected by multi-factor authentication. No third party has standing access to production data.
No data selling. Lead data, contact information, conversation history, and property data are never sold, rented, or shared with any party outside of the sub-processors required to operate the service (e.g. Twilio for messaging, AI providers for reply generation). See our Privacy Policy for the full sub-processor list.
GDPR Principles
Teslines is designed around privacy-by-default principles consistent with GDPR expectations, even where formal certification is not required.
Data minimisation. We only collect the information needed to run the CRM — agency account details, the lead and property data your team enters, and anonymised usage analytics. We do not collect or retain data beyond what the service requires.
Controller and processor roles. Your agency is the data controller for the personal data of your leads and clients. Teslines acts as a data processor, handling that data only on your instructions and in accordance with this policy.
Right of access and export. You can request a full export of your agency's data at any time by emailing team@teslines.com. We will provide the export within 5 business days.
Right to deletion. Individual lead records can be deleted from within the platform at any time. Full account deletion can be requested by email and is completed within 30 days.
For the full privacy policy, including the sub-processor list and data retention timelines, see our Privacy Policy.
Reliability
Teslines is built on Vercel and Supabase — infrastructure providers designed for high availability with redundant systems, automatic failover, and continuous monitoring. Both providers publish their own uptime histories and status pages.
We monitor platform availability continuously and aim to communicate any incidents or planned maintenance in advance via email notification to agency administrators.
Enterprise customers. Formal uptime commitments and SLA terms can be discussed as part of an Enterprise plan agreement. Contact us at team@teslines.com to discuss your requirements.
Questions?
If you have a security concern, a question about how your data is handled, or a request for a Data Processing Agreement, email team@teslines.com. We aim to respond within 2 business days.