Security
Your data stays on your hardware
Vorrex Server runs on-premises at every plant site. No cloud hosting, no shared tenants, no data leaving your network. Every access event, every garment transition, every automated decision is written to an immutable audit log that cannot be altered — enforced at the database level, not just in application code.
Deployment model
Vorrex Server runs inside your network
Vorrex Server is an ASP.NET Core 10 application installed as a Windows service on a machine you control. It connects to a SQL Server 2022 database on your local network. There is no Vorrex cloud component in the operational path — plant-floor scans go from Vorrex Terminal to Vorrex Server to SQL Server, entirely on your LAN.
Each plant site runs its own independent Vorrex Server instance. A compromise at one site does not affect other sites. For multi-site laundry groups using the HQ estate dashboard, the HQ API aggregates read-only reporting data — plant-level write operations stay local.
Audit trail
Every event is permanent. Nothing can be edited out.
Every garment status change — whether triggered by an operator scan on Vorrex Terminal, an automated compliance rule, or a wash batch completion — writes a row to the LifecycleEvent table. A database trigger prevents any UPDATE or DELETE on that table. This is not an application-level constraint that can be bypassed by a rogue API call — it is enforced in SQL Server itself.
Each event records: the garment UID, the previous status, the new status, the operator or system process responsible, the timestamp, and the plant context. Automated transitions — wash routing, inspection pass/fail, protection engine allocations — are logged with the same fidelity as manual operator actions. Nothing is inferred after the fact.
Authentication
Three layers — PIN, JWT, and capability gates
PIN authentication
Plant-floor operators authenticate with a numeric PIN on Vorrex Terminal. Sessions time out automatically. No keyboard required — the touch pad is purpose-built for gloved hands.
Vorrex Terminal
JWT bearer tokens
Every API call carries a signed JWT issued by Vorrex Server. The token contains the operator's plant ID, role, and capability set. Plant scoping is read from the token — a client cannot claim a different plant.
Vorrex Server
Capability gating
Every mutating API endpoint checks the operator's capability set before executing. Capabilities are configured per operator in Vorrex Manager. A sorter cannot trigger dispatch. A driver cannot edit contracts.
Vorrex Manager
Data isolation
Plant data cannot leak across tenants
Every operational table carries a PlantIdcolumn. EF Core global query filters ensure that every database query automatically scopes to the current operator's plant. If a filter is intentionally bypassed — for a cross-plant report, for example — a manual .Where(x => x.PlantId == ...) clause is required and code-reviewed.
The plant ID is never accepted from query parameters or request bodies. It comes exclusively from the verified JWT claim. A client application cannot request data for a plant it has not been issued a token for.
Offline resilience
Scans survive network interruptions without data loss
Vorrex Terminal maintains a local SQLite queue at the Scan Station, Goods In, and Wash Hall modes. If the network drops, scans are written to the local queue with accurate timestamps. When Vorrex Server becomes reachable again, the queue replays in order and the garment audit trail is completed without gaps.
Operators receive a visual indicator on the terminal when working in offline mode. They continue scanning at normal speed. No special procedure is required — the system handles the sync automatically when connectivity returns.
Data ownership
You own the database. You control the backup schedule.
Because Vorrex runs on your own SQL Server instance, your DBA controls backups, retention schedules, and encryption at rest. There is no Vorrex retention policy overriding yours. If you want to archive data to cold storage after three years, that is a SQL Server backup job you configure.
Vorrex Manager includes an Export Centre for generating Xero-compatible accounting CSVs and PDF compliance packs. These are point-in-time exports you control — there is no ongoing data feed to any external system unless you configure one through the REST API.
Related reading
See it on your data, or start with the checklist.
Either path works. Pick whichever fits where you are today.