SECURITY & PRIVACY

Your data is yours. Full stop.

We built Sellara for sales teams that trust us with their most sensitive data \u2014 pipeline, pricing, playbooks, and customer relationships. Here's how we protect it.

How We Protect Your Data

Row-Level Security

Every database query is scoped to your team. Row-level security (RLS) is enforced at the database level — not in application code. Even if there were a bug in the application layer, the database itself prevents cross-team data access.

Encrypted Credentials

All third-party tokens — including Salesforce OAuth credentials and API keys — are encrypted at rest. Sensitive data is never stored in plain text and is only decrypted at the moment of use.

Australian & US Infrastructure

Sellara runs on Australian and US infrastructure via Supabase (AWS) and Vercel. Your data is hosted in trusted, SOC 2-compliant data centres. We’re working towards our own SOC 2 compliance.

Your Data Never Trains Other Models

Sellara uses your proprietary data — your products, pricing, playbooks, and customer conversations — exclusively to power your AI features. Your data is never used to train models for other companies. Full stop.

Server-Side AI Only

All AI processing happens server-side. Your sales data, knowledge base content, and pipeline information never touch the browser. API keys and model interactions are strictly server-side.

Authentication via Supabase Auth

User authentication is handled by Supabase Auth with industry-standard practices: secure password hashing, email verification, and password reset flows. No passwords are stored in plain text.

Data Handling

What We Store

Deal, account, and contact data you enter or import
Knowledge base content you upload (products, playbooks, methodologies)
AI Twin action history and coaching session records
Voice note transcriptions (audio is processed and discarded)
Email drafts and approval history

What We Don’t Do

Sell your data to third parties
Use your data to train models for other customers
Store raw audio files after transcription
Access your Salesforce data beyond the sync scope you authorise
Share your pipeline data with competitors or benchmarking services

Data Retention

Active accounts: data retained for the life of the subscription
Cancelled accounts: data retained for 30 days, then permanently deleted
You can request a full data export at any time
You can request immediate deletion at any time

Compliance & Standards

Sellara is built on infrastructure that meets industry compliance standards. Our hosting providers (Supabase/AWS and Vercel) maintain SOC 2 Type II, ISO 27001, and GDPR compliance. We handle data in accordance with the Australian Privacy Act 1988 and are working towards our own SOC 2 certification.

Have a security question or need to complete a vendor assessment? Reach us at security@sellara.com.au

Secure enough for your most sensitive deals.

Start a free trial and see how Sellara protects your data while making your team more productive.

Book a Demo See Pricing

Loading…