Skip to content
salenza
Features How it works Integrations Pricing
Canada ▾
Netherlands Nederlands Canada English
Login Book a demo
Features How it works Integrations Pricing Login Book a demo
Legal centre
Security

Security Overview

The control areas Salenza uses to protect the service and improve security over time. This page makes no certification or absolute-security claim.

Effective date: June 15, 2026
On this page
GovernanceAccessData protectionDevelopmentMonitoringProvidersIncidentsCustomer duties
01

Risk-based governance

Salenza intends to maintain assigned security responsibilities, documented policies, periodic risk review, personnel confidentiality, access review and security training appropriate to the size, service and information involved. The final program will distinguish verified controls from planned improvements.

02

Identity and access management

Production access should follow least-privilege principles, use individual identities, require stronger authentication for privileged access, be reviewed periodically and be removed promptly when no longer needed. Administrative and support access should be logged where technically appropriate.

Exact MFA coverage, review frequency, approval workflow and emergency-access controls are being documented before production.

03

Data protection and retention

Salenza will validate encryption in transit, storage protections, secrets management, environment separation, backup handling, retention and deletion against the actual production architecture and provider capabilities.

We do not currently claim that all data remains in Canada, that deletion is instantaneous, or that any system is absolutely secure. Confirmed processing locations will be published in the Subprocessor Register.

04

Change and development controls

The production process is expected to include source control, review of material changes, dependency and vulnerability management, testing before release, controlled deployment and separation of production information from ordinary development use. The final schedule will state the controls actually implemented.

05

Logging, monitoring and availability

Operational and security-relevant activity should be logged at a level that supports troubleshooting, incident investigation and accountability without creating unnecessary retention of sensitive content. Monitoring, alerting, backup restoration and continuity procedures will be tested and documented.

No uptime percentage, recovery objective or service credit applies unless included in the signed Order Form or support schedule.

06

Provider assessment

Providers with access to personal information or critical service functions will be reviewed for contract terms, security information, processing locations, retention, subprocessors, incident duties and model-training settings where relevant. Material providers will be recorded before production and reviewed when changed.

07

Incident response

Salenza is preparing a process to identify, contain, investigate, remediate and document suspected security incidents and to notify affected customers as required by contract and applicable law. Notification timing, decision responsibilities, evidence preservation and regulator support will be defined in the final DPA and incident plan.

Suspected vulnerabilities or incidents can be reported to support@salenza.ai.

08

Shared responsibility

Customers remain responsible for authorized users, credentials, connected systems, lawful configuration, accurate escalation rules and limiting the information submitted. Customers should promptly report suspected compromise and follow the Acceptable Use Policy.

Data Processing AddendumSubprocessorsSupport Policy
salenza

The multilingual AI front desk for beauty and aesthetics businesses.

Product

  • How it works
  • Features
  • Integrations
  • Pricing

Company

  • About
  • Contact

Legal

  • Legal hub
  • Privacy Notice
  • Cookie Notice
  • Terms of Service
© 2026 Salenza
Canada / English Nederland / Nederlands