Your data is yours. Structurally.
Galexivo's single-tenant architecture means your gallery data is never co-mingled with another customer's. Security is a property of the design, not just a policy.
Single-tenant isolation
Every Galexivo instance runs in its own Cloudflare account. Your database (D1), file storage (R2), and application layer (Workers) are separate from every other gallery. A breach of one account cannot affect another.
Encryption at rest and in transit
All data in Cloudflare D1 is encrypted at rest using AES-256. All traffic is encrypted via TLS 1.3. Payment credentials (Stripe keys) are additionally encrypted using AES-GCM before storage — the application uses a per-customer key that never leaves your Cloudflare account.
Cloudflare infrastructure
Galexivo runs on Cloudflare Workers, which run in Cloudflare's 300+ data centres. Your gallery's location is determined by Cloudflare's nearest edge — typically sub-50ms latency for your visitors worldwide. DDoS protection is included at the infrastructure level.
JWT authentication with role separation
Every session uses a signed JWT with a short expiry. Two built-in roles — Manager (full access) and Curator (content only) — limit the blast radius of a compromised account. API keys are scoped and rotatable from the admin dashboard.
Audit log
Every inventory transaction is immutable and timestamped. You can see exactly who changed what and when — not just the current state, but the complete history of every artwork in your collection. The log cannot be edited or deleted.
No Galexivo access to your data
Because your database lives in your Cloudflare account, Galexivo's team cannot query your collector list, inventory, or financial records. We have no standing access. If you need our support to diagnose an issue, a temporary read-only connection is explicitly granted and revoked by you.
Responsible disclosure
If you discover a security vulnerability in Galexivo, please email [email protected] with a description of the vulnerability and steps to reproduce it. Do not disclose it publicly until we have had a reasonable opportunity to address it.
We acknowledge all reports within 48 hours and aim to resolve critical issues within 7 days. We do not currently operate a bug bounty programme but we are grateful for responsible disclosures.
Compliance documents
For enterprise buyers requiring formal documentation: