Security

Your operational data deserves the same protection as your bank account.

Encryption

All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Database connections use SSL. File storage uses server-side encryption.

Data Isolation

Each workspace is isolated at the database level. Expert runtimes operate in scoped environments with access only to their assigned engagement. No cross-tenant data access is possible.

No Model Training

We do not use your data to train AI models. Your files, conversations, and records are used exclusively to operate your expert services.

Infrastructure

Talea runs on Vercel (application), Neon (Postgres database), Cloudflare R2 (file storage), and Fly.io (expert runtimes). All infrastructure is hosted in secure, SOC 2-compliant facilities.

Access Controls

Expert runtimes receive scoped tool access through the Control Plane. They cannot access raw credentials, other workspaces, or external systems without explicit authorization. Side-effect actions (sending emails, sharing files) require user approval.

Export and Deletion

You can export all your data at any time. You can request complete deletion, which is processed within 30 days. Backups containing your data are purged on their retention schedule.

Reporting Issues

Report security concerns to security@talea.work.