Security Overview

This overview describes high-level security practices for GenauraBrain (Telegram bot, web dashboard, and related APIs). It is not an exhaustive control matrix and does not replace contractual commitments in enterprise agreements where applicable. For privacy-specific rights and processing details, see the Privacy Policy.

We use industry-standard encryption for data in transit (such as TLS) for connections between clients and our services where supported. Sensitive data at rest is protected using provider-managed encryption and access-controlled storage. Exact algorithms and key management may evolve as we upgrade infrastructure.

Access to production systems and customer data is limited to authorized personnel with a legitimate need. We apply authentication, authorization, and audit logging appropriate to the sensitivity of systems. Administrative access is reviewed as part of operational security.

We maintain processes to detect, triage, and respond to security incidents. Where a personal data breach meets legal thresholds, we notify supervisory authorities and affected users as required by applicable law (including EU GDPR timelines where relevant).

If you believe you have found a security vulnerability, contact security@genaura.app with enough detail to reproduce the issue. Do not perform destructive testing against production without prior written authorization. We appreciate coordinated disclosure and will work with reporters in good faith.

Security: security@genaura.app Legal: legal@genaura.app