Security
Your guests' data is a liability we take seriously
Multi-tenant platforms live or die on isolation. TELLIIANO enforces it in the database itself — every query, every table, every file — and treats the application layer as a second line of defense, not the first.
Tenant isolation at the database
Every row of your data carries your organization's identity, and PostgreSQL row-level security policies enforce isolation on every query — independent of application code.
Server-side authorization
Every action is checked against your role and permissions on the server. The browser is never trusted with authorization decisions.
Encrypted in transit and at rest
All traffic is TLS-encrypted. Data at rest is encrypted by our infrastructure providers (Supabase / AWS).
Append-only audit trail
Security-relevant actions — logins, role changes, exports, configuration changes — are recorded in an audit log that cannot be edited or deleted, even by administrators.
AI guardrails
Assistants only see their own organization's knowledge. Uploaded documents are treated as data, never as instructions, and retrieval is filtered by tenant before ranking.
Least-privilege secrets
Integration credentials are stored encrypted and never exposed to the browser. Service credentials never leave the server.
A note on compliance
TELLIIANO is architected to support GDPR and CCPA-related requests (data export, deletion, consent tracking) and to keep card data out of scope by processing payments through Stripe. We do not claim certifications we have not earned: formal compliance for your business requires legal, operational, and security review on your side as well as ours. Ask us for our current security documentation.