Draft for legal review before launch
Security Statement
A practical summary of Essential Secure's security posture, including encrypted storage, audit logging, and staff access boundaries.
Encryption model
Private vault payloads are encrypted before upload where supported. Admin tooling exposes account and file metadata only, not plaintext contents or private recovery material.
Operational controls
The platform uses HTTPS, secure cookies in production, role-based admin permissions, audit logs, background workers, private internal service ports, and production readiness checks.
Customer controls
Users can manage two-factor authentication, generate recovery kit metadata, view activity logs, change passwords, and revoke sessions.
Review note
This security statement is a structured draft and should be reviewed before launch.