Last updated: May 1, 2026

Security

OMMO Ads Security

How we protect OMMO Ads accounts and data. We take security seriously and document every policy rather than hint at it.

Encryption

TLS 1.3 in transit. AES-256-GCM at rest. Per-tenant data keys wrapped under a master KMS key. OAuth tokens are envelope-encrypted before storage and never logged.

Tenant isolation

Postgres row-level security enforces tenant_id on every query. The connection sets `ommo.tenant_id` before any data access; the policy refuses queries that don't match. There is no app-level join that could leak across tenants.
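A minimal sketch of the pattern described above, added here as an illustration and not taken from OMMO's schema: the `campaigns` table, the `app_rw` role and the UUID values are hypothetical; only the `ommo.tenant_id` setting name comes from this page. It assumes the setting is applied per transaction, which keeps a pooled connection from carrying one tenant's ID into the next request.

```sql
-- Hypothetical tenant-scoped table (assumption, not OMMO's schema).
CREATE TABLE campaigns (
    id        bigserial PRIMARY KEY,
    tenant_id uuid NOT NULL,
    name      text NOT NULL
);

-- Enable RLS, and FORCE it so the table owner is subject to the policy too.
-- Superusers and roles with BYPASSRLS still skip it, so the application
-- must connect as an ordinary role.
ALTER TABLE campaigns ENABLE ROW LEVEL SECURITY;
ALTER TABLE campaigns FORCE ROW LEVEL SECURITY;

-- current_setting(..., true) returns NULL when the setting is absent, and a
-- custom setting can read back as '' after a transaction-local value expires.
-- NULLIF maps both to NULL, so an unset tenant matches no rows (fail closed).
CREATE POLICY tenant_isolation ON campaigns
    USING      (tenant_id = NULLIF(current_setting('ommo.tenant_id', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('ommo.tenant_id', true), '')::uuid);

-- Hypothetical application role: no superuser, no BYPASSRLS.
CREATE ROLE app_rw NOLOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON campaigns TO app_rw;
GRANT USAGE ON SEQUENCE campaigns_id_seq TO app_rw;

-- Per-request pattern: the third argument 'true' makes the value
-- transaction-local, so it is discarded at COMMIT or ROLLBACK.
BEGIN;
SET LOCAL ROLE app_rw;
SELECT set_config('ommo.tenant_id', '11111111-1111-1111-1111-111111111111', true);

-- Accepted: the row's tenant_id matches the session tenant.
INSERT INTO campaigns (tenant_id, name)
VALUES ('11111111-1111-1111-1111-111111111111', 'spring-launch');

-- Only this tenant's rows are visible; other tenants' rows are filtered out.
SELECT id, name FROM campaigns;
COMMIT;

-- Verification: with no tenant set, the same role sees zero rows.
BEGIN;
SET LOCAL ROLE app_rw;
SELECT count(*) AS visible_rows FROM campaigns;  -- expect 0
ROLLBACK;
```

An `INSERT` or `UPDATE` whose `tenant_id` differs from the session value fails the `WITH CHECK` clause with a row-level security violation error, while reads of other tenants' rows are silently filtered.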

Authentication

Argon2id password hashing. Optional 2FA (TOTP). Session cookies are httpOnly + secure + scoped per product subdomain so an analytics cookie isn't presented to ads. Brute-force protection on login.

Vulnerability disclosure

Email [email protected] with details. We acknowledge within 24 hours, triage within five business days, and credit researchers in our security hall of fame on request. We do not pursue legal action against good-faith researchers.

Compliance

KSA PDPL aligned today; SOC 2 Type II in progress. GDPR principles supported on request. Audit logs preserved for three years.