All data in transit is protected by TLS 1.3. Data at rest in Cloudflare D1 is encrypted using AES-256. Backups are encrypted before storage.
SEOVentra uses magic link authentication β we never store passwords. Each login link is single-use, time-limited, and cryptographically signed.
Organisations have admin, member, and viewer roles. API keys are scoped per-project with configurable permission levels.
Built entirely on Cloudflare's global edge network. No single-region data concentration. Workers and D1 operate under Cloudflare's enterprise security posture.
We collect only what's needed to operate the platform. We do not sell data, run ads, or share your site data with third parties. Full details in our Privacy Policy.
API keys are displayed once at creation and never stored in plaintext. Keys can be rotated or revoked instantly from your dashboard settings.
OAuth service account access. Tokens stored encrypted. We request only the minimum necessary scopes (URL inspection and indexing submission). Tokens can be revoked from your Google account at any time.
Used for AI visibility scoring. Your page content is sent to Claude for analysis. We do not retain page content beyond the scoring request. You can supply your own API key on Pro and Business plans.
Used to deliver magic link login emails and alert notifications. Only your email address is shared. No marketing without explicit consent.
Handles payment processing for paid plans. We never see or store your full card details. Razorpay is PCI DSS compliant. Subscription and billing data is stored with Razorpay, not SEOVentra.
Found a
vulnerability?
We appreciate responsible security researchers. If you discover a vulnerability in SEOVentra, please report it to us privately before public disclosure.
Report a vulnerability