
Security & privacy at Brandex

This page is maintained by the Brandex team to answer the questions buyers, security reviewers, and your own legal team will ask before signing off. It describes the controls that are live today — not aspirational ones.

Brandex is not currently SOC 2, ISO 27001, or HIPAA certified. We rely on the security posture of our managed platform partners and the app-level controls described below. If your procurement process requires an attested report, please contact us.

Authentication & access

Sign-in is handled by a managed identity provider with email/password and Google OAuth. Workspaces are multi-tenant with role-based access (owner, admin, editor, viewer). Privileged actions (role changes, secret access, API key rotation) are audit-logged. Sessions are bearer tokens stored in browser storage and validated server-side on every privileged call.

Row-level isolation

Tenant data is isolated at the database layer via Postgres row-level security. Every table that holds tenant content carries a policy that scopes reads and writes to members of the owning workspace. The application code cannot bypass these policies; only verified backend webhooks use the service role, and they are signature-checked before any privileged write.

Encryption

All traffic between you, Brandex, and our infrastructure is encrypted in transit over TLS 1.2+. Data at rest in the database, object storage, and backups is encrypted by the underlying platform. Webhook secrets and API keys are stored in a managed secret store and are masked in the UI — only the last four characters are visible after creation.

Data we collect & why

We collect the content you create (brand dossiers, assets, prompts), the integrations you connect (CRM, Search Console, social), and operational telemetry (errors, usage counts) needed to run the product. We do not sell personal data and we do not train shared models on your private brand content.

Retention & deletion

Generated assets and brand memory are kept for the life of the workspace and for 30 days after deletion to allow recovery. Audit logs are kept for 12 months. To delete a workspace or export your data, email privacy@brandex.app from the owner address; we respond within 5 business days.

Subprocessors

We rely on: Lovable (hosting + managed Postgres + AI gateway), Resend (transactional email from brandex.app and notify.brandex.app), and — only when you explicitly connect them — HubSpot, TikTok, Google Search Console, Slack, and Meta. Connecting an integration shares only the scopes you grant in that provider's consent screen.

Email integrity

Outbound email is sent from verified domains (brandex.app for transactional, notify.brandex.app for marketing) with SPF, DKIM, and DMARC aligned. Every marketing email includes a one-click unsubscribe; suppressed addresses are honored across the workspace.

Reporting a security issue

If you believe you've found a vulnerability, please email security@brandex.app with steps to reproduce. We acknowledge within 48 hours and aim to patch high-severity issues within 7 days. We do not currently run a paid bounty, but we credit responsible disclosures on this page on request.

Contacts

Last updated: June 22, 2026.