Trust

Security

Last updated June 2026

Security is foundational to Upflio — your team’s work and your clients’ data live here. This page summarizes how we protect it.

Access control

Access is scoped by workspace, team, and client. Permissions are enforced on every request, and clients only ever see what you explicitly share with them through their portal.

Authentication

Accounts are protected with hashed credentials and short-lived session tokens. Single sign-on via Google is available for teams that prefer it.

Data protection

  • Encryption in transit (HTTPS/TLS) for all traffic.
  • Data isolated per workspace.
  • Regular backups of workspace data.

Reporting an issue

Found a vulnerability? We appreciate responsible disclosure — please reach us through the contact page and we’ll respond promptly.