Security

Security at Obelo

Last updated: March 2026

Our Commitment

Your brand assets and data are important to us. We build security into every layer of Obelo so you can focus on creating exceptional content without worrying about your information.

Data Protection

Encryption

All data is encrypted in transit using TLS. Your brand assets and generated content are stored securely and isolated per organization.

Data Isolation

Each organization's data is fully isolated. Your brand assets, strategies, and generated content are never shared across accounts or used to train AI models.

Access Controls

We implement access controls to keep your account secure:

  • Organization-scoped access: team members only see their org's data
  • Secure authentication via Clerk with multi-factor support
  • API key management for programmatic access

Infrastructure

Obelo runs on modern cloud infrastructure with:

  • Containerized microservices with health monitoring
  • PostgreSQL with per-organization data isolation
  • S3-compatible object storage for brand assets
  • API gateway with rate limiting and request validation

Security Practices

Secure Development

Our engineering team follows secure coding practices with code reviews and automated testing as part of our development workflow.

AI Data Policy

Your brand data, generated content, and campaign strategies are never used to train AI models. Your intellectual property stays yours.

Privacy by Design

We collect only what's needed to deliver the service. You retain full ownership and control over your data, and can export or delete it at any time.

Compliance Roadmap

We're working toward industry-standard certifications. Status reflects what we hold today vs what's scheduled — no claim is made until the certification is in hand.

  • SOC 2 Type II — Planned. Audit window targeted for Q4 2026.
  • GDPR — Compliant by design. Data isolation, export, and deletion supported today.
  • HIPAA — Not in scope. Obelo does not process PHI; if your use case involves it, contact us.

Responsible Disclosure

We welcome security researchers to help us keep Obelo secure. If you discover a vulnerability, please report it responsibly:

  • Email security@useobelo.com with details of the vulnerability
  • Allow us reasonable time to address the issue before public disclosure
  • Do not access or modify user data without explicit permission

Contact Us

For security questions, contact us at security@useobelo.com.