LivraOne
TRUST

Security at LivraOne

Last updated July 17, 2026

Draft for early-access review. Final legal language must be approved by qualified counsel before public launch.

Tenant isolation

Workspace membership and server-side permission policies restrict every request. Transactional data is designed for PostgreSQL row-level security as an additional tenant boundary.

Account protection

Passwords use a memory-hard hash, sessions are revocable and rotated, and privileged actions are audited. Multi-factor authentication and enterprise identity controls are part of the production rollout.

Files and infrastructure

Media is stored in restricted object storage with short-lived signed access. The application origin is not intended for direct public exposure, and secrets remain outside source control and container images.

Report a concern

Please send suspected vulnerabilities privately to security@livraone.com. Do not include sensitive customer data in an initial report.

← Back to LivraOneQuestions? hello@livraone.com