General approach
Our goal is to operate a documented, regularly reviewed, risk-based system to protect internal information and customer information.
This does not mean we are publicly claiming ISO 27001 certification today, but we do use that kind of framework as a reference to organize controls, responsibilities, and continuous improvement.
Commitments
- Comply with the legal, contractual, and operational requirements applicable to the service.
- Apply risk management and continuous improvement to security controls.
- Provide the material and human resources needed to operate the service responsibly.
- Treat information security as part of the product's value, not as an afterthought.
Strategy and culture
- Make information security a visible part of how we operate the product and interact with customers and providers.
- Extend internal security culture so that each technical or operational change takes data, risk, and service continuity into account.
- Use security as a tool to reduce incidents, protect customer trust, and preserve the project's competitiveness.
Protection principles
- Confidentiality of internal and customer data.
- Integrity of information and operational flows.
- Availability of the service and recovery capability in the event of incidents.
Technical and organizational measures
- Role-based console access and separation between customer users and SUPER_ADMIN operators.
- Basic operational traceability for critical actions, status changes, and relevant account events.
- Use of specialized providers for voice, AI, payments, and infrastructure, subject to their contractual and technical controls.
- Manual review of high-impact GDPR workflows before they are marked as operationally resolved.
Security incidents
If you detect a vulnerability, incident, or any risk related to the security of data or service availability, contact us at legal@xevicases.com.
Reports are reviewed under the internal procedures available at that time. If we later publish a dedicated security or responsible-disclosure channel, it will be listed here.
This policy is complemented by internal technical, operational, and incident-response controls that may evolve without changing these public security principles.