Built to hold the most sensitive things your IT team owns.
Your whole company's passwords, tickets and assets live in here. This page shows the controls protecting them today — and what we're still verifying before we claim it.
Encryption at rest and in transit
TLS on the way, rotating keys at the destination.
Passkeys as your second factor
Touch ID, Face ID and Windows Hello — no code to leak.
LGPD by default
Legal bases, a DPA, and permanent deletion on request.
What happens to your data
Encryption at both ends of the road — and keys that hold no grudges about the past.
- TLS in transit
- All traffic between your browser and Movitera is encrypted.
- Encryption at rest
- Data is encrypted where it is stored.
- Rotating key ring
- Vault credentials use rotating keys — a compromised key doesn't expose the vault's history.
- Backups and restore
- Recurring backups and a restore process; retention requirements are handled in the DPA.
Who gets in, and with what
A strong second factor by default, and permissions that respect each seat's scope.
- Passkeys
- Touch ID, Face ID or Windows Hello as the second factor — the recommended path, nothing to type.
- TOTP and recovery codes
- Authenticator apps and single-use codes for anyone not on passkeys.
- Per-module permissions
- Access by role and by module: whoever runs tickets doesn't see the vault.
- Scoped seats
- Requesters and wiki readers use a restricted free seat — the scope holds for integrations too.
- Vault audit trail
- Credential access and changes land in an audit trail.
AI on a short leash
The AI works your operation — but writes require approval, and everything leaves a trace.
- Human approval
- Actions executed by AI go through approval before touching your data.
- Durable action log
- Every AI action is recorded — "who did what, when" always has an answer.
- The requester’s permissions
- AI acts with the permissions of the person asking — it never sees more than their seat allows.
LGPD
Personal data handled with a legal basis, a contract, and a way out.
- Defined legal bases
- Personal data is processed under documented legal bases.
- DPA for customers
- A data processing agreement, ready for your legal team.
- Permanent deletion
- Your data is permanently deleted on request.
- Privacy policy
- The full detail of how data is handled, on one page. Read the policy
Found something? Talk to us directly.
A security question, a compliance checklist, or a vulnerability report: we answer in writing, straight from the people who build the product — no mandatory call.
hello@movitera.com