Trust Centre

Security and privacy you can verify

Elevale is committed to GDPR, UK GDPR, and global privacy standards. This section explains how we protect your data and where to find our legal documents.

GDPR, data retention, privacy rights, security, audit logging, and legal document links.

Explore commitments View documentation

Elevale Trust Centre

Self-service

Privacy Center Export your data or submit a privacy request

Enabled

Audit log Workspace admins can view who changed what

Required

MFA Required for all accounts after signup

Configured

Custom roles Tailored permissions per workspace

Commitments

What you can expect from Elevale

Plain-language outcomes from our platform documentation: encryption, access control, audit logging, data rights, and retention, without implementation jargon.

Authentication

Multi-factor authentication (email or authenticator app) required after signup

Privileged platform roles (super admin, agency admin) must use MFA
Password reset and session management via Supabase Auth

Encryption

In transit: TLS 1.2+ for all connections

At rest: Supabase encrypted storage; OAuth tokens encrypted server-side
Secrets: API keys stored as hashes; no client-side token encryption

Access control

Row Level Security (RLS) on all tenant data

Role-based access: system, organization, and workspace levels
Custom workspace roles with granular permissions

Retention

Clear deletion timelines

Retention periods are consistent across billing, automated jobs, and platform documentation.

View retention policy →

Reviews

Help other directors find Elevale

If Elevale is working for your leadership team, a review on G2 or Capterra helps other business directors discover strategic execution software that fits SMEs and growing teams.

Review on G2 Review on Capterra

Subprocessors

Trusted partners behind the platform

Elevale uses trusted subprocessors to deliver the platform. The authoritative list is published at elevale.app/legal/subprocessors. We provide 30 days notice before adding subprocessors that process personal data.

Provider	Purpose

Documentation

Legal and compliance library

All content is published from Elevale platform documentation in Supabase.

Questions about security or privacy?

Reach our privacy and security teams directly. Data rights requests are handled within our documented 30-day SLA.

Contact privacy team Report a security concern

Security and privacy you can verify

What you can expect from Elevale

Authentication

Encryption

Access control

Clear deletion timelines

Help other directors find Elevale

Trusted partners behind the platform

Legal and compliance library

Compliance guides

Cookie Policy

Data retention and deletion

Your privacy rights

Subprocessors and integrations

Security and data protection

Audit logging

Agency and reseller data responsibilities

Incident response and data breaches

Questions about security or privacy?