Security
How Aventra protects your work
This page is maintained by the Aventra team to describe the security controls that ship in the product today. It is not a certification — for a security review with our team, contact support.
Account protection
Accounts are protected by email + password authentication with secure password reset flows. Optional leaked-password detection blocks weak credentials.
Workspace isolation
Every workspace's data is isolated from every other workspace through row-level security at the database layer. You only ever see your own data.
Private file storage
Uploaded files are stored in a private bucket scoped to your workspace. Files are never publicly listable or browsable.
Role-based access foundations
Roles are stored in a dedicated table rather than on the user profile, preventing common privilege-escalation patterns. Member and admin roles are checked server-side.
Secure payments
All payments are handled by a regulated payment provider. Aventra never sees or stores your full card number, expiry, or CVV — only a non-sensitive reference.
No card data on our servers
We rely on the payment provider's hosted checkout, so cardholder data flows directly between you and the provider. We only store the resulting transaction record.
Report a security concern
If you believe you've found a vulnerability, please contact us via the support page.
Contact support