Security at Eliorexa

Protecting your business and your customers' data is the foundation, not a feature.

Encryption

Encrypted in transit (TLS) and at rest. Secret keys stay server-side, never in the browser.

Every record carries a tenant_id; Postgres row-level security blocks cross-tenant access.

Granular roles (owner → agent), enforced in the database and the app.

Privileged actions are written to an append-only audit log.

Managed Postgres backups via Supabase; point-in-time recovery on eligible plans.

Built around India's DPDP Act. SSO/SAML and SCIM are on the enterprise roadmap.

Reporting a vulnerability? Email security@eliorexa.com (demo). See also the Trust Center.