Security

Trust-focused: multiple layers of protection for your data — by default.

Security at the Core

Security isn't an afterthought at Orivio — it's built in from the start. Your data is protected by multiple layers of security, including encryption in transit and at rest, secure infrastructure, strict authentication, and privacy-first data handling.

Encryption in Transit & at Rest

We protect data with TLS 1.3 in transit and encrypted storage at rest. When we process email, message bodies are encrypted in our application (AES-256-GCM) and kept only for the duration required to deliver features.

Privacy-First Data Handling

We keep only the information required to deliver Orivio's features and operate the service.

Secure Infrastructure

Orivio runs on a managed cloud platform with encrypted databases, isolated services, and automated backups.

OAuth 2.0 Authentication

We connect to your email and calendar using OAuth 2.0 via Google or Microsoft, so we never see or store your passwords. You stay in control — you can revoke access from your Google or Microsoft account, or directly inside Orivio at any time.

Continuous Security Practices

Security is built into how we develop and run Orivio. We stay aligned with industry best practices and are expanding our safeguards as the platform grows.

Incident Response

If a security issue occurs, we follow a clear process: contain → investigate → fix → notify. You can report vulnerabilities or concerns directly to support@orivio.ai.

Infrastructure Security

Cloud Security

Orivio runs on Hetzner Cloud with encrypted storage at rest and TLS 1.3 for all connections. Services run in isolated containers and secrets are stored outside of code.

Data Centers

Orivio is hosted on Hetzner Cloud, which runs across secure data centers in Europe.

Network Security

Orivio runs on Hetzner Cloud, where services are isolated and network access is restricted.

Backup & Recovery

Encrypted, automated backups are maintained by our provider.

Application & Data Security

Access & API Protection

Sign in with Google or Microsoft (OAuth 2.0). We request only the permissions needed and never store passwords. You can revoke access from your Google or Microsoft account, or within Orivio at any time.

Encryption

TLS 1.3 in transit; provider encryption at rest for storage and backups. Emails, chat messages, and knowledge base articles are application-encrypted (AES-256-GCM) at rest.

Data Handling

We minimise what we retain to deliver features and operate the service.

Deletion & Backups

Account deletions remove data from active systems.

Compliance & Governance

Privacy Regulations

We follow GDPR/UK GDPR principles. ICO registration: in progress. We honor data-subject rights (access, deletion, portability) and minimize what we collect.

Security & Vulnerability Scanning

Automated checks for dependencies, secrets, and code vulnerabilities with CI gates and tracked remediation.

Access & Authentication

Google OAuth sign-in, MFA for admin access, least-privilege roles, and password strength checks where passwords are used.

Data Handling & Encryption

TLS 1.3 in transit, provider-encrypted storage, application-level encryption for sensitive email content, and minimal retention.

Security Incident Response

Incident Response

In the event of a security incident, our response team follows established procedures to contain, investigate, and resolve issues with minimal impact to users.

Transparency

We believe in transparent communication about security issues that may affect our users, providing timely updates and remediation steps.

Have Security Questions?

Our security team is here to address any questions or concerns you may have about how we protect your data. For security-related inquiries or to report potential vulnerabilities, please contact us directly.