Security at the Core
Security isn't an afterthought at Orivio — it's built in from the start. Your data is protected by multiple layers of security, including encryption in transit and at rest, secure infrastructure, strict authentication, and privacy-first data handling.
Encryption in Transit & at Rest
We protect data with TLS 1.3 in transit and encrypted storage at rest. When processing email, bodies are encrypted in our application (AES-256-GCM) and kept only for the duration required to deliver features.
Privacy-First Data Handling
We keep only the information required to deliver Orivio's features and operate the service.
Secure Infrastructure
Orivio runs on a managed cloud platform with encrypted databases, isolated services, and automated backups.
OAuth 2.0 Authentication
We connect to your email and calendar using OAuth 2.0 via Google or Microsoft, so we never see or store your passwords. You stay in control — you can revoke access from your Google or Microsoft account, or directly inside Orivio at any time.
Continuous Security Practices
Security is built into how we develop and run Orivio. We stay aligned with industry best practices and are expanding our safeguards as the platform grows.
Incident Response
If a security issue occurs, we follow a clear process: contain → investigate → fix → notify. You can report vulnerabilities or concerns directly to support@orivio.ai.
Infrastructure Security
Cloud Security
Orivio runs on Hetzner Cloud with encrypted storage at rest and TLS 1.3 for all connections. Services run in isolated containers and secrets are stored outside of code.
Data Centers
Orivio is hosted on Hetzner Cloud, which runs across secure data centers in Europe.
Network Security
Orivio runs on Hetzner Cloud, where services are isolated and network access is restricted.
Backup & Recovery
Encrypted, automated backups are maintained by our provider.
Application & Data Security
Access & API Protection
Sign in with Google or Microsoft (OAuth 2.0). We request only the permissions needed and never store passwords. You can revoke access from your Google or Microsoft account, or within Orivio at any time.
Encryption
TLS 1.3 in transit; provider encryption at rest for storage and backups. Emails, chat messages, and knowledge base articles are application-encrypted (AES-256-GCM) at rest.
Data Handling
We retain only what is needed to deliver features and operate the service.
Deletion & Backups
Account deletions remove data from active systems.
Compliance & Governance
Privacy Regulations
We follow GDPR/UK GDPR principles. ICO registration: in progress. We honor data-subject rights (access, deletion, portability) and minimize what we collect.
Security & Vulnerability Scanning
Automated checks for dependencies, secrets, and code vulnerabilities with CI gates and tracked remediation.
Access & Authentication
Google OAuth sign-in, MFA for admin access, least-privilege roles, and password strength checks where passwords are used.
Data Handling & Encryption
TLS 1.3 in transit, provider-encrypted storage, application-level encryption for sensitive email content, and minimal retention.
Security Incident Response
Incident Response
In the event of a security incident, our response team follows established procedures to contain, investigate, and resolve issues with minimal impact to users.
Transparency
We believe in transparent communication about security issues that may affect our users, providing timely updates and remediation steps.
Have Security Questions?
Our security team is here to address any questions or concerns you may have about how we protect your data. For security-related inquiries or to report potential vulnerabilities, please contact us directly.