OPEN BETA · The product is free during open beta — no payments taken
Security

Built to protect your data

Multi-tenant isolation at the database level, encryption and least-privilege access — security is part of the architecture, not an add-on.

Per-company isolation (RLS)

Row-Level Security on every table — one company can never read another's data, enforced at the database, not just in code.

Encryption in transit & at rest

All traffic over TLS; data and files encrypted at rest by the managed infrastructure.

Signed file links

Documents, scans and recordings are served via short-lived signed URLs — never public links.

Server-side authorization

Every server function verifies the user (JWT) and company membership; client-supplied IDs are never trusted.

Secrets & least privilege

API keys live only in server secrets; cron endpoints are protected; access is scoped to what each role needs.

Reliability & compliance

Managed PostgreSQL with backups, hardened auth triggers and a GDPR-aligned data approach.

Have a security or due-diligence question? Write to security@aliecrm.com.