Built for data your auditors want to see.
Encryption end to end. Role-based access enforced at the database. Compliance baselines for LGPD, GDPR, and CCPA on every plan.
How we hold the data.
Encryption everywhere
AES-256 at rest, TLS 1.3 in transit. Document vault encrypted per-tenant. Customer-managed keys via AWS KMS on the Enterprise roadmap.
Identity, end to end
SSO via SAML on Enterprise. Google sign-in on all plans. 2FA via TOTP. Session tokens stored in httpOnly cookies — never accessible to JavaScript. CSRF protection on all write operations.
Tenancy & access control
Logical tenant isolation enforced at the database layer. Every query is tenant-scoped; the UI is never the access boundary.
Data residency
Brazil, US, and EU regions. Data stays in your selected region for storage and processing. DPA available before you sign.
Resilience & recovery
Hosted on Render with automatic health checks and zero-downtime deploys. Database on Neon PostgreSQL with point-in-time recovery (retention per Neon plan tier).
Responsible AI
The AI Assistant never makes adverse employment decisions. All AI outputs are scoped to the asker's visibility. Drafts are never auto-published — humans review every word. Your data is never used to train AI models.
Request what your security team needs.
Click any document below and your email client will open with a prefilled request. Our team responds within one business day. For the full SOC 2 report or custom questionnaires, email hello@lenavio.com.
Need something else for your review?
SOC 2 report, custom questionnaires, or a deep-dive call with our security team — happy to help.