Security at Hive Centra

How we protect your database. Last reviewed: June 2026

Your data is yours

You own the contacts, deals, and communications you put into Hive Centra. We use that data only to run the Service for you. We do not sell it, and we do not use it to train any shared or third-party AI model. The full terms are in our Terms of Service and Data Processing Addendum.

Encryption

All traffic to and from Hive Centra is encrypted in transit over TLS. Sensitive secrets, such as two-factor and connected-account tokens, are encrypted at rest with AES-256-GCM. Our database is hosted on managed cloud infrastructure that encrypts stored data at rest.

Tenant isolation

Hive Centrais multi-tenant, and isolation is enforced at the data layer: every query is scoped to your organization, so one customer cannot read another customer’s data. This isolation is covered by an automated test that runs on every change.

Access and authentication

Accounts support strong passwords and optional two-factor authentication (TOTP) with one-time backup codes. Roles limit what each team member can do, and internal operational access follows least-privilege. Sensitive actions are recorded in an audit log.

Abuse and reliability

We apply rate limiting to sensitive endpoints, monitor errors, and operate spend controls on AI and messaging to prevent runaway usage.

Backups and recovery

Our database runs on managed cloud infrastructure that takes automated backups on a regular cycle. Backups are encrypted at rest alongside the rest of the stored data. We are formalizing our backup-retention and restore-testing procedures and will describe the specifics here as they are confirmed.

Subprocessors

We use vetted third parties to deliver the Service (cloud hosting and database, AI model provider, messaging and telephony, email delivery, payment processing, and property and market data). Categories and our obligations are described in the Data Processing Addendum, and we give notice of material changes.

Compliance roadmap

We are building toward SOC 2. A SOC 2 Type II examination is on our roadmap, not yet complete, and we will update this page when it is. We will not claim a certification we do not hold.

Report a vulnerability

If you believe you have found a security issue, please email mazz@hivecentra.com with details so we can investigate and respond. Operator: NLG, LLC (Next Level Group).