Security & Trust
You're handing us the keys
to your clients' sites
So here is exactly how we protect them — encrypted credentials, no passwords, a governed and audited action engine, EU data residency, and privacy-law-grade consent. Everything below is true today. Where we're still working, we say so.
How your data and sites are protected
Credentials encrypted with AES-256-GCM
Every provider API key and token you store is encrypted at rest with AES-256-GCM before it touches the database — never in plaintext. Keys are versioned by key-ID so they can be rotated, and a separate SHA-256 hash lets us validate a credential without ever decrypting it.
No passwords to steal
Sign-in is Google OAuth or a one-time email magic link — there is no interactive password to phish, reuse, or leak. Sessions are database-backed, optional TOTP two-factor is available, and auth cookies are scoped host-only per subdomain so the app and admin surfaces never share a session.
Governed, not fire-and-forget
Aura's action engine is governed. Mutating actions are risk-classified and approval-gated by default, higher-risk writes require explicit human sign-off before they touch a live site, and every action is recorded — who or what asked, who approved, and exactly what ran. On WordPress, each write carries a single-use, scoped grant the on-site plugin can enforce.
Your data stays in the EU
Your account and resource data is stored in the European Union — in Neon's EU (Frankfurt) region — and the Aura app that serves it runs in the same EU region (fra1), co-located with the database.
Built for GDPR & Israel Amendment 13
Consent is captured the way the law requires: separate, unchecked-by-default choices for privacy and for marketing, with marketing strictly opt-in and never a condition of signing up. Cookie consent is honored, and you can review or withdraw your choices at any time.
Least-privilege, open-source agent
SiteAgent connects with its own scoped token by default — not your WordPress admin password. Any credentials it does store are encrypted at rest with AES-256-GCM. It's free and open-source on wordpress.org and GitHub, so you can read exactly what it does. Row-level security is enabled on every database table as defense-in-depth on top of application-level tenant isolation.
Where we stand on compliance
We won't claim a certification we don't hold. Here's the honest status — what's in place, and what's still in progress.
- GDPR-aligned data handlingIn place
- Israel Privacy Protection Amendment 13 consentIn place
- Encryption at rest for all provider credentialsIn place
- SOC 2Readiness in progress — not certified
- Independent third-party penetration testOn the roadmap
Found a vulnerability?
We'd rather hear it from you than from an attacker. Report a security issue and we'll work with you to fix it — no legal threats for good-faith research.