Security at Conclavik

All API traffic is encrypted with TLS 1.2+ (HTTPS). Connections using older protocols are rejected. HSTS is enforced with preload. Custom security configurations are available for enterprise clients on request.

Sensitive job data — questions, consensus results, and full reports — is encrypted with AES-256 at the column level before being written to the database. Encryption keys are stored separately from the data.

Completed job data is automatically purged after 90 days by default. You can delete individual runs at any time, or request complete account erasure. Server logs are retained for 30 days.

For maximum privacy, enable ephemeral mode on any request. Results are available for retrieval, then automatically purged within one hour. Zero long-term persistence of your data.

User authentication via Clerk SSO (Google, GitHub, email). API keys are generated with cryptographically secure random generators. Authentication and credential management is handled entirely by Clerk. Session tokens have configurable expiration.

Runs on a dedicated server hosted by Hetzner in Germany (EU). No shared cloud, no multi-tenant infrastructure. Data at rest is encrypted. Access restricted to authorized personnel only.

API endpoints are protected by per-key rate limiting. Each user's data is fully isolated — you can only access your own jobs and results. Admin endpoints require a separate admin key.

Full right to erasure: delete individual runs, purge all job content, or delete your entire account and all associated data permanently. Data portability via full JSON export of your results.