Trust by design

Security at Zennvue.

Wedding vendors trust us with their book of business. Couples trust us with their wedding day. Our job is to make sure both can keep trusting us. Here is how we handle encryption, authentication, compliance, data handling, payments, and our enterprise SLA.

TLS

In Transit

Modern encryption on every request

AES-256

At Rest

All data encrypted in storage

PCI L1

Payments

Card data handled by Stripe Connect

U.S.

Data Residency

All customer data stored in the United States

Pillar 01 · Encryption

Encrypted everywhere, always.

Data is encrypted as it travels between you and our servers, and again at rest in storage. Industry-standard cryptography across the entire stack.

In Transit + At Rest

Industry-standard cryptography on every layer.

All traffic between your browser and Zennvue uses modern TLS with current cipher suites. HTTPS is enforced everywhere; insecure HTTP requests are automatically redirected. Weak ciphers and legacy protocols are explicitly disabled.

At rest, your data lives in an encrypted database (AES-256) with managed key rotation. File uploads (photos, contracts, galleries) sit in encrypted object storage with signed time-limited access URLs and no public access. Backups are encrypted before they are written and encrypted again at the storage layer.

🔒

TLS in transit

Modern cipher suites only. HTTP automatically upgraded to HTTPS. HSTS preload list eligible.

🗄️

AES-256 at rest

Encrypted database with managed key rotation. Keys held in a hardware security module.

📦

Encrypted file storage

Server-side encryption on all uploads. Signed URLs for time-limited access. No public ACLs.

💾

Encrypted backups

Daily automated encrypted snapshots. Retention cycles per the data lifecycle. Disaster recovery tested periodically.

Pillar 02 · Authentication & Access

The right person sees the right data.

Strong authentication options at every level: passwords, multi-factor, single sign-on. Plus role-based access control inside team accounts.

🔑

Strong password requirements

Minimum 12 characters. Common passwords blocked. Bcrypt hashing on the backend.

📱

Multi-factor authentication (MFA)

TOTP-based 2FA available on all tiers as opt-in. Studio ($499/mo) and Enterprise ($1,999/mo) tiers can enforce MFA org-wide on all team members.

🏢

Single sign-on (SSO)

SAML 2.0 SSO available on Enterprise tier. Compatible with most modern IdPs including Okta, Azure AD, and Google Workspace.

👥

Role-based access (RBAC)

Team accounts on Business, Studio, and Enterprise: Owner, Admin, Manager, Member roles with per-resource permissions.

⏱️

Session security

Rolling sessions with idle timeouts. Active devices listed in account settings. Remote session revocation supported.

Defense in Depth

Authentication that scales with your business.

Solo photographers get strong-password-plus-optional-MFA. Multi-photographer studios get RBAC team accounts. Enterprise vendors plug into their existing identity provider via SSO. Same security model throughout.

Session tokens are signed and short-lived. Suspicious login activity (new device, new location, multiple failed attempts) triggers email alerts and optional step-up authentication. Account takeovers are the most common attack vector in SaaS, and we treat them seriously.

Pillar 03 · Compliance

Standards we hold ourselves accountable to.

The compliance landscape for SaaS handling payments, contracts, and personal data is layered. Here is where we stand on each.

🛡️

SOC 2 Type II

Controls Implemented

SOC 2 Type II control set implemented across access, encryption, change management, and logging. Formal audit engagement on the 2026 roadmap.

🇺🇸

CCPA / CPRA

Compliant

California consumer privacy rights honored. Right to know, delete, correct, and opt out of sale or sharing. See Privacy Section 6.

💳

PCI DSS

Level 1 (via Stripe)

All card data is handled by Stripe Connect (PCI DSS Level 1 certified). Zennvue servers never see raw card numbers.

🏛️

U.S. Privacy Frameworks

Active

Compliance posture tracks evolving U.S. state privacy laws (CCPA primary). EU/UK frameworks will be addressed when our footprint expands.

HIPAA is not in scope for Zennvue. We do not handle protected health information. For compliance documentation requests (Data Processing Addendum, SOC 2 control summary, security questionnaires), email our security team.

Pillar 04 · Service Level Commitments

Uptime, response time, and what happens if we miss.

Enterprise customers get a written SLA. Every tier benefits from the underlying uptime target. Around-the-clock support is an Enterprise add-on, not the default.

⚡

Enterprise SLA

Business-hours priority support with measurable response targets

99.9%

Uptime Target

Excluding scheduled maintenance windows and force majeure events

1 hr

P1 Acknowledgment

Within 1 business hour, Mon-Fri 8AM-6PM Mountain Time

Business Hours

Mon-Fri 8AM-6PM Mountain Time (UTC-7 / UTC-6 DST)

Severity definitions: P1 is a production outage or critical functional failure affecting all or most users. P2 is significant degraded functionality with available workaround. P3 is minor issue or feature request. P1 incidents receive acknowledgment within 1 business hour during the support window above. Response times for P2 and P3 are defined in your written Enterprise agreement.

Service credit remedy: If we miss the 99.9% uptime target in a calendar month, Enterprise customers receive a service credit per the schedule in their Enterprise agreement. Service credits are the sole and exclusive remedy for SLA misses. Around-the-clock 24x7 P1 coverage is available as an add-on for Enterprise customers.

Carve-outs: Scheduled maintenance, force majeure events, third-party service outages outside our reasonable control (payment processor outages, identity provider outages), and customer-caused issues (misconfiguration, exceeding API rate limits) do not count against the uptime target.

Pillar 05 · Data Handling

Your data is yours. Always.

Customer data ownership, retention, deletion, and portability. We treat your data like it is a loan, not a gift.

Your Data, Your Control

Vendors retain full ownership of their client list.

Your contacts, contracts, proposals, and financial data are yours. We process them on your behalf, never sell them to third parties, and never use them to train AI models. Brand Voice Profiles are scoped to your account only; nothing is shared across organizations.

Deletion means deletion. When you cancel and request data removal, your account moves through a defined retention lifecycle matching Terms Section 11.3 and Privacy Section 4: 30-day grace period, soft delete at day 30, hard delete completes by day 60, encrypted backups cycle out by day 90. Full data export is available anytime via account settings, with or without canceling.

📁

Data ownership

Your contacts, contracts, and content remain yours. We process, we do not possess.

📥

Full export anytime

Download all your data in CSV / JSON / PDF via account settings. No support ticket required.

🗑️

Defined deletion lifecycle

30-day grace, day 30 soft delete, day 60 hard delete complete, day 90 backups cycled out.

🤖

AI privacy

Brand Voice Profiles, AI proposal drafts, and lead scores stay private to your account. Anthropic does not train its foundation models on data submitted via the Anthropic API as configured in our integration.

🌎

U.S. data residency

All customer data is stored in the United States. International data residency will be addressed if our footprint expands.

Pillar 06 · Payments

Card data we don't touch.

💳

PCI DSS Level 1 by design

All payment processing on Zennvue runs through Stripe Connect. Stripe is certified PCI DSS Level 1, the highest level of payment card industry compliance available. They handle your couples' card numbers; we never see them.

Card numbers are tokenized at the point of entry on Stripe's hosted form (or via Stripe Elements). Zennvue stores only the resulting token and the last 4 digits for display. Refunds, disputes, and chargebacks all flow through Stripe's infrastructure.

Zennvue platform fee: 0%. Stripe's standard processing fee (currently 2.9% + $0.30 per transaction, set by Stripe and subject to Stripe's terms) passes straight through to the vendor.

Card data never touches Zennvue servers

Stripe Elements + Checkout for entry

Tokens stored, never raw PAN data

3D Secure (SCA) supported when required

ACH bank-level transfers supported

Refunds and disputes fully Stripe-handled

🔍

Found a vulnerability?

Responsible Disclosure

We take security reports seriously. If you have found a potential vulnerability in Zennvue, our APIs, or our infrastructure, we want to know about it. Please follow responsible disclosure practices: email us with details, give us a reasonable window to investigate and fix, and do not exploit the issue beyond what is needed to demonstrate it.

In scope: zennvue.com, platform-zennvue.com, the marketplace, and the customer app. Out of scope: social engineering, physical attacks, denial of service, third-party services like Stripe (report to them directly), and issues in legacy browser versions or end-user device security.

Recognition: We do not currently operate a formal bug bounty program, but we publicly acknowledge contributors with their permission and offer swag for impactful reports. A formal program is on the 2026 roadmap. We respond to all reports within 72 hours and provide ongoing updates as we work through them.

Email Security Team →

Common Questions

Security FAQ.

Where is my data stored?▼

All Zennvue customer data is stored in the United States. Database and file storage are encrypted at rest with managed key rotation, and configured with multi-zone high availability. We do not currently offer EU or other regional data residency; if our footprint expands, we will update this Policy and the Privacy Policy accordingly.

Can I require MFA on my team?▼

Yes, on Studio ($499/mo) and Enterprise ($1,999/mo) tiers. MFA can be enforced org-wide as a requirement for all team members on those plans. On lower tiers (Starter, Professional, Business), MFA is available as an opt-in feature per user. SSO via SAML 2.0 (Enterprise tier) supports your existing identity provider's MFA policies. See tier comparison →

Do you sell or share my data?▼

No. Customer data is never sold to third parties or shared for cross-context behavioral advertising (as defined under the CCPA). Vendor client lists, couples' planning data, contracts, and Brand Voice Profiles stay inside your account. The exceptions: data shared with the counterparty of a transaction (a vendor sees their booked couples; a couple sees their booked vendors), payment data shared with Stripe to process transactions, and aggregated anonymous platform metrics for our own analytics. See Privacy Section 6 for full CCPA disclosures.

Is Zennvue SOC 2 certified?▼

SOC 2 Type II control set is implemented (access management, encryption, change management, logging, incident response). Formal third-party audit engagement is on our 2026 roadmap. A SOC 2 control summary and security questionnaire response are available on request for prospective Enterprise customers.

What happens to my data if I cancel?▼

Defined retention lifecycle matching Terms Section 11.3 and Privacy Section 4: Day 0 to Day 30 grace period (data accessible, reactivation possible), Day 30 soft delete (removed from active systems), Day 30 to Day 60 hard delete completes from production, Day 60 to Day 90 encrypted backups cycle out. Day 90 = full deletion complete except where legal obligations require retention. You can export everything in CSV / JSON / PDF anytime from account settings, with or without canceling.

How do you handle payment card data?▼

We don't. All card processing flows through Stripe Connect, which is PCI DSS Level 1 certified. Card numbers are entered on Stripe's tokenized forms and never reach Zennvue's servers. We store the resulting Stripe token and the last 4 digits for display only. Refunds and chargebacks happen through Stripe's infrastructure too. Zennvue charges 0% platform fee on bookings; Stripe's standard processing fee (currently 2.9% + $0.30, set by Stripe and subject to Stripe's terms) passes straight through to the vendor.

What is your support SLA?▼

Enterprise customers ($1,999/mo) get a written SLA with business-hours priority support (Mon-Fri 8AM-6PM Mountain Time), 1-business-hour P1 acknowledgment, 99.9% uptime target, and service-credit remedies for misses. Around-the-clock 24x7 P1 coverage is available as an Enterprise add-on. Lower tiers benefit from the underlying uptime target and best-effort support during business hours. See Pricing for tier comparison.

What is your incident response process?▼

Security incidents trigger our internal incident response runbook: detect, contain, investigate, remediate, communicate. For breach scenarios involving customer data, we notify affected customers without undue delay, in line with applicable U.S. state breach notification requirements. We share post-incident reports with affected customers detailing what happened, what data was involved, and remediation steps.

Does AI training use my data?▼

No. Your Brand Voice Profile is trained on your own writing samples and stays scoped to your account only. Zennvue uses Anthropic Claude (via the Anthropic API) as our production AI provider. Anthropic does not train its foundation models on data submitted via the Anthropic API as configured in our integration. AI features that operate on your data (proposal drafting, lead scoring, marketplace matching) use your data temporarily for the inference call and are not persisted by the AI provider.

Questions about security we didn't cover?

Email our security team for compliance documentation, custom Data Processing Addendums, or specific security concerns. We respond to security inquiries within 24 hours, often faster.

Email Security Team → Contact Page