Back to home
Security

How we protect your data

Contensa is built for teams who care about data integrity. Here's exactly what we do to keep your content, credentials, and workspaces safe.

Last updated: March 29, 2026

Encryption at rest and in transit

All data is encrypted at rest using AES-256. All traffic between your browser, our API, and our infrastructure uses TLS 1.3. Secrets and API keys are never stored in plain text.

Isolated workspaces

Every workspace runs in a fully isolated environment with its own database namespace. One workspace cannot access another workspace's data — by design, not just by policy.

API key scoping

Each environment (dev, staging, production) has its own API key. Keys can be rotated at any time from your dashboard. Read-only and write-enabled tokens are separate.

Role-based access control

Admin, Editor, and Developer roles with granular permission boundaries. Admins control who can publish, who can modify schemas, and who has API access.

No plaintext credentials

Passwords are hashed using bcrypt with a per-user salt. We support OAuth sign-in via GitHub and Google — we never see your provider password.

Responsible disclosure

Found a vulnerability? We want to hear from you. Email security@contensa.ai with details. We commit to acknowledging reports within 48 hours and resolving confirmed issues within 30 days.

Infrastructure

Contensa runs on AWS infrastructure across multiple availability zones. We use managed services (RDS, S3, ElastiCache) with automated backups and point-in-time recovery enabled.

Database backups are retained for 30 days. Production data is never used in development or staging environments.

We conduct regular dependency audits and apply security patches promptly. Our infrastructure is monitored 24/7 with automated alerting on anomalous activity.

What we don't do

  • We don't sell your data or content to third parties.
  • We don't use your content to train AI models without your explicit opt-in.
  • We don't store API keys or tokens in logs.
  • We don't share workspace data between customers.
  • We don't retain deleted content beyond your workspace's configured retention period.

Report a vulnerability

If you've found a security issue, please email security@contensa.ai with a description of the issue and steps to reproduce. Please don't disclose it publicly until we've had a chance to address it.