Skip to content

Security & Privacy Controls

Ouva protects external communication with TLS 1.2 or higher, so data is encrypted in transit. Authentication, database access, and tenant isolation are enforced through Supabase, including row-level security policies that restrict access by user and organization context.

For scenes that use camera-based processing, MediaPipe inference runs locally in the browser. Ouva does not require streaming raw camera video to the backend for core scene interaction.

When moment/image capture is used, processing is performed client-side in the browser by default.

  • Capture and extraction use standard browser capabilities (for example HTML5 video and canvas APIs).
  • Camera-based interaction uses browser MediaDevices plus MediaPipe WebAssembly/WebGL runtime assets when those scene features are enabled.
  • No browser extension, plugin, or local desktop agent is required.

Transmission behavior:

  • Captured frames/snapshots are not automatically sent to external services for capture processing.
  • Any optional third-party calls remain feature-scoped as documented in Third-party Services and Telemetry & Data Egress.

Storage behavior:

  • During capture, image data is held in browser memory/runtime objects.
  • Browser-managed cache may apply to source media according to browser policy.
  • Local storage is not required for capture processing.
  • Role-based access controls separate admin and standard user capabilities.
  • Kiosk monitoring focuses on operational health (device/display status and uptime signals), not patient-facing scene content.
  • Deployments are delivered as immutable frontend builds, reducing configuration drift across devices.

All external communication is protected with TLS 1.2 or higher:

ConnectionProtocolNotes
Browser to Netlify CDNHTTPSStatic asset delivery for app.ouva.co
Browser to SupabaseHTTPS / WSSAuth, REST/RPC API, Storage, Realtime channels
Browser to StripeHTTPSBilling and customer profile (feature-gated)
Browser to Google / jsDelivr CDNHTTPSMediaPipe model and runtime assets (camera scenes only)
Edge Functions to ElevenLabsHTTPS (server-side)Text-to-speech; browser never contacts ElevenLabs directly
Auth to Customer IdPHTTPSSSO via OIDC / SAML 2.0 (if configured)

Cipher suites are negotiated by the browser and endpoint infrastructure. No browser-level certificate pinning is required. If TLS inspection is used by enterprise proxies, inspection certificates must be trusted by managed devices.

For detailed TLS and proxy guidance, see Network Guidelines.

All customer data stored in Supabase is encrypted at rest with AES-256. This applies to the PostgreSQL database, object storage, and all associated backups.

Sensitive information such as access tokens and keys are additionally encrypted at the application level before being stored in the database.

Supabase manages encryption keys as part of its platform security. For details, see supabase.com/security.

Ouva uses Stripe for payment processing and does not store personal credit card information. Stripe is a certified PCI Service Provider Level 1, the highest certification level in the payments industry. See stripe.com/security.

  • SOC 2 Type 2 compliant. Enterprise and Team customers can access the SOC 2 report through the Supabase dashboard.
  • HIPAA compliant with a signed Business Associate Agreement (BAA).
  • PCI DSS Level 1 certified (highest level of certification in the payments industry).

Supabase works with industry experts to conduct regular penetration tests as part of its managed platform security program. Ouva supplements provider controls with GitHub Advanced Security features including Dependabot alerts, CodeQL code scanning and code quality analysis, Semgrep static analysis, CI dependency audits, and secret scanning with push protection, AI-based detection, non-provider pattern matching, and automatic validity checks.

Supabase also provides DDoS protection at the CDN level via Cloudflare, brute-force login prevention with fail2ban, and customizable rate limits for critical API routes.

Supabase databases are backed up daily. Point-in-Time Recovery is also available, allowing restoration to any point in time.

  • Frontend delivery is handled through Netlify over HTTPS.
  • Backend services are provided through Supabase with managed encryption (AES-256 at rest, TLS 1.2+ in transit) and access controls.
  • Third-party integrations (for example Stripe and ElevenLabs) are called over HTTPS and only when corresponding features are enabled.

For identity and access controls, see Authentication & SSO.

For Ouva’s vulnerability detection, remediation, and testing requirements, see Vulnerability Management Policy.

For detailed telemetry and egress controls, see Telemetry & Data Egress.