Compliance, Privacy, and Security Overview
This page explains how PulseVault protects your data, how user information is segregated, and what types of events could lead to compromise.
Data Segregation (Per-User Isolation)
- Profile isolation: PulseVault enforces strict per-user ownership checks. Users (including administrators) cannot view or manage profiles owned by other users through the PulseVault UI.
- Scoped access: Release portals require token links and optional recipient verification (where enabled). Profiles are not discoverable by browsing or menus.
- Auditability: Events (sends, confirmations, releases, downloads) are logged with timestamps. Logs redact common sensitive values where possible.
Encryption at Rest
PulseVault uses encryption at rest to protect sensitive data stored on the server:
- Uploaded documents: Files are encrypted before being written to disk. The encrypted file format includes a header and a unique initialization vector (IV). Files are decrypted only when a valid one-time download link is used.
- Sensitive fields: Confirmers, recipients, notes, and break-glass instructions are stored encrypted where supported by the server environment.
Key Derivation (Context-Bound Keys)
Encryption keys are derived using a server-side secret (from the application environment) and a per-item context (for example, per-profile and per-document). This design helps prevent a ciphertext blob from being copied to a different profile and decrypted there.
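The two design points above (an encrypted file with a header and unique IV, and a per-document key derived from a server secret plus a profile/document context) can be shown end to end in a small program. The following is an added illustration written for this page, not PulseVault's own code or on-disk format: the header layout, the HKDF salt and info labels, and the identifiers are constructed for the example. It demonstrates why a ciphertext copied from one profile to another, or stolen without the server secret, does not decrypt.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/binary"
	"errors"
	"fmt"
)

// Hypothetical on-disk layout (constructed for this example, not PulseVault's real format):
//   magic(4) | version(1) | nonce(12) | AES-256-GCM ciphertext || 16-byte tag
const (
	magic     = "PVX1"
	version   = 1
	nonceSize = 12
)

// hkdfSHA256 is a plain HKDF (RFC 5869) built from the standard library's HMAC.
func hkdfSHA256(secret, salt, info []byte, keyLen int) []byte {
	extractor := hmac.New(sha256.New, salt) // extract step
	extractor.Write(secret)
	prk := extractor.Sum(nil)
	var out, prev []byte
	for counter := byte(1); len(out) < keyLen; counter++ { // expand step
		h := hmac.New(sha256.New, prk)
		h.Write(prev)
		h.Write(info)
		h.Write([]byte{counter})
		prev = h.Sum(nil)
		out = append(out, prev...)
	}
	return out[:keyLen]
}

// documentKey binds the key to the server secret AND the (profile, document) context.
// Fields are length-prefixed so that "ab"+"c" and "a"+"bc" cannot collide.
func documentKey(serverSecret []byte, profileID, docID string) []byte {
	info := []byte("example/doc-key/v1") // assumed label, not PulseVault's
	for _, f := range []string{profileID, docID} {
		var l [4]byte
		binary.BigEndian.PutUint32(l[:], uint32(len(f)))
		info = append(info, l[:]...)
		info = append(info, f...)
	}
	return hkdfSHA256(serverSecret, []byte("example-doc-salt"), info, 32)
}

func newAEAD(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// encryptDocument writes header || ciphertext; the header is authenticated as
// associated data so a tampered version byte or nonce is rejected on decrypt.
func encryptDocument(serverSecret []byte, profileID, docID string, plaintext []byte) ([]byte, error) {
	aead, err := newAEAD(documentKey(serverSecret, profileID, docID))
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, nonceSize) // unique per file, never reused with the same key
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	header := append(append([]byte(magic), version), nonce...)
	out := make([]byte, 0, len(header)+len(plaintext)+aead.Overhead())
	out = append(out, header...)
	return aead.Seal(out, nonce, plaintext, header), nil
}

// decryptDocument succeeds only with the same secret and the same (profile, document) context.
func decryptDocument(serverSecret []byte, profileID, docID string, blob []byte) ([]byte, error) {
	headerLen := len(magic) + 1 + nonceSize
	if len(blob) < headerLen || string(blob[:len(magic)]) != magic || blob[len(magic)] != version {
		return nil, errors.New("bad or truncated header")
	}
	header := blob[:headerLen]
	nonce := header[len(magic)+1:]
	aead, err := newAEAD(documentKey(serverSecret, profileID, docID))
	if err != nil {
		return nil, err
	}
	return aead.Open(nil, nonce, blob[headerLen:], header) // fails on wrong key or any modification
}

func main() {
	secret := []byte("constructed-server-secret-not-a-real-value")
	blob, _ := encryptDocument(secret, "profile-A", "doc-1", []byte("break-glass instructions"))
	_, errMoved := decryptDocument(secret, "profile-B", "doc-1", blob)   // blob copied to another profile
	_, errNoSecret := decryptDocument([]byte("guess"), "profile-A", "doc-1", blob) // files stolen without secrets
	fmt.Println("moved to other profile:", errMoved != nil, "| without secret:", errNoSecret != nil)
}
```

The important property is that the context goes into the key derivation, not into the ciphertext: an attacker holding only the upload directory has neither the server secret nor a usable key for any file, and an insider who re-labels a blob under a different profile gets a GCM authentication failure rather than plaintext.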
Threat Model: What It Would Take to Compromise Data
No system can guarantee absolute security. The following examples illustrate the kinds of events that could expose data:
- If an attacker steals only the encrypted document files (for example, a copy of the upload directory) without access to the server configuration/secrets, the files are intended to be unreadable.
- If an attacker gains full server access (including the configuration, database, and secrets used for key derivation), they may be able to decrypt stored content.
- If the server is compromised through malware, a vulnerable plugin/theme, stolen admin credentials, or misconfigured permissions, confidentiality and integrity can be impacted.
Operational Security Recommendations
- Enable and enforce MFA for all accounts.
- Use a dedicated SMTP provider and configure SPF/DKIM/DMARC for better deliverability.
- Keep the application core, plugins, and themes up to date.
- Restrict server access (least privilege) and encrypt server backups.
Disclaimer
This document is provided for transparency and does not constitute legal advice. PulseVault provides safeguards designed to reduce risk, but it cannot eliminate risk. You are responsible for your security posture, backups, and operational decisions.