Security
Protecting your data is foundational to everything we build. Here's how we keep your information safe.
Encryption
- All data transmitted between your browser and our servers is encrypted using TLS 1.2+
- Data at rest is encrypted using industry-standard AES encryption
- CRM OAuth tokens (HubSpot, Salesforce) are encrypted using Fernet symmetric encryption before storage
Authentication
- Passwords are hashed using bcrypt with per-user salts — we never store plaintext passwords
- Sessions use HTTP-only, secure cookies (SameSite protection enabled)
- API keys use a unique prefix (pvs_) and are hashed before storage
- No third-party tracking cookies or advertising scripts
Data Isolation
- All queries are scoped by user_id — row-level isolation ensures you can only access your own data
- Team members share a credit pool but have individually scoped signal views
- Admin access is restricted to authorized personnel with elevated privileges
Infrastructure
- PostgreSQL database with connection pooling and prepared statements (SQL injection prevention)
- Application hosted with automated backups and redundancy
- No user data is shared with third parties for advertising or analytics purposes
- Enrichment providers receive only the minimum data required to fulfill requests
API Security
- API access restricted to Pro tier and above with per-key rate limiting
- All API endpoints require authentication via session cookie or API key
- CORS configured to allow only authorized origins
- Input validation on all endpoints to prevent injection attacks
Responsible Disclosure
If you discover a security vulnerability, we appreciate your help in disclosing it responsibly. Please report vulnerabilities to:
support@previse.dev
Please include a description of the vulnerability, steps to reproduce, and any potential impact. We will acknowledge receipt within 48 hours and work to resolve confirmed vulnerabilities promptly.