Skip to main content

Security

How we protect your data

Orviora connects to your social accounts and learns from your content, so keeping that data safe is part of the product, not an afterthought. Here is how we handle it.

Encrypted in transit and at rest

Traffic is served over TLS 1.3, and your data is encrypted at rest.

Encrypted credentials

Social account tokens and provider keys are encrypted before they are stored.

Tenant isolation

PostgreSQL row-level security separates every workspace's data at the database layer.

Audits and testing

We run regular security audits and penetration testing against the platform.

Access controls and audit logs

Access follows least privilege, and security-sensitive actions are recorded in audit logs.

Retention and deletion

Delete your account and we remove your personal data within 30 days.

Your data, your rights

We do not sell your personal data. Depending on your jurisdiction, you can exercise the rights below at any time.

  • Access and receive a copy of your personal data
  • Correct inaccurate data
  • Request deletion of your data
  • Object to or restrict processing
  • Export your data (portability)
  • Withdraw consent at any time

Full detail lives in our Privacy Policy.

Working with AI providers

Scoring and content generation send your content to third-party AI providers under data processing agreements. The providers we use may change as the product evolves, and the current list is disclosed in your data processing agreement on request.

Enterprise customers can request a Data Processing Agreement and details on sub-processors through our contact form.

Found a vulnerability?

We welcome responsible disclosure. If you believe you have found a security issue, email us at [email protected] with the details and steps to reproduce, and give us a reasonable window to respond before any public disclosure.