Security & data

Built so we never hold your customers.

The safest way to protect your customers' data is to never hold it. So we don't. Halia looks at your customers only for the moment it takes to score them, and keeps no copy. There is no customer list sitting on our side to leak, lose, or be forced to hand over.

Your customers' data, kept safe
Zero-retention architecture

Your data flows through Halia. It never settles in it.

Your store
Shopify, BigCommerce or WooCommerce, your data, your servers.
Read-only
Halia
Reads customers, scores them in memory, then discards them.
Nothing written to disk
Your tools
Grades and segments land in Klaviyo, Mailchimp, HubSpot, or your team's view.
You stay in control
No customer database is ever created on Halia's side
Encrypted
Read-only by design

We can look. We cannot touch.

Halia connects to your store with read-only credentials. We can read orders and customers in order to score them. We cannot change, delete, refund, or place anything. The single secret we hold is that read-only key. Revoke it and Halia goes dark in the same moment.

What we keep, and what we never do

A short list, by design.

+What Halia stores

  • Your store URL
  • One encrypted, read-only key
  • Your settings: thresholds, templates, sign-off
  • A one-way hash of your access link
  • A contact email you give us

What Halia never stores

  • Your customers' names
  • Their email addresses or phone numbers
  • Their billing or delivery addresses
  • Their orders or payment details
  • Any score or profile derived from the above
Secure data
Scored in memory

Here for minutes, then gone.

When Halia scores your store, customers are processed in memory and never written to a Halia database. A scoring run lasts minutes, and when it ends the data is gone. Your data stays yours alone: we never pool it with other brands or reuse it as reference for anyone else.

The rest of the posture
01

Encryption & key isolation

Secrets are encrypted at rest, and every call to your store and your tools runs over encrypted, authenticated channels. The key that decrypts your store credential is held apart from the database, so a dump alone can never unlock it.

02

You are the controller

For your customer data you are the controller and Halia is your processor, acting only on your instructions.

03

Audited infrastructure

Halia runs on Render, which is SOC 2 Type 2 and ISO 27001 certified and independently penetration-tested every year. We keep our subprocessor list short and share it on request.

04

Rate-limited & monitored

Sign-in and scoring endpoints are rate-limited against abuse, our dependencies are monitored for known vulnerabilities, and customer data is kept out of our logs.

05

GDPR-ready

We provide a Data Processing Agreement and the profiling wording for your own privacy notice. Because no standing customer data lives with us, access and erasure requests are largely answered by the architecture itself.

06

Responsible disclosure

Found something? Email us. We will acknowledge, work with you, and welcome good-faith research.

For your security team

The posture, as a shell.

A walkthrough of what we hold, what we don't, and the controls in place. It runs itself, or click in and type help to poke around.

halia, security shell
Talk to us

Security questions are welcome.

We can provide a data processing agreement and our subprocessor list on request.

Contact us
Compliance & standards
In place On the roadmap (in progress)

Host-certified (Render)

SOC 2 Type IIISO/IEC 27001Annual pen testGDPR DPASOC 3Backups & DDoS

How Halia is built

Zero retentionIn-memory scoringAES-128 at rest (Fernet)TLS in transitKey held apartLeast-privilege read-onlyRate-limitedNo data in logsNo secrets in VCS

Aligned with (self-assessed)

OWASP Top TenNIST CSFGDPR Art. 22DPIA & LIAResponsible disclosure

UK · as processor

UK GDPR & DPA 2018Controller–processorDPA on requestSubprocessor list on request

On the roadmap

Halia SOC 2Halia ISO 27001Independent pen testManaged KMSICO registration