Security
How we protect your account, your forms, and the submissions your respondents send.
Overview
Operon holds the forms you build and the data your respondents submit, so we treat security as a product requirement, not a footnote. This page is a plain, honest account of the measures in place today. We describe what we actually do — and we are careful not to claim protections we have not built.
Data protection
- Encryption in transit and at rest — traffic to Operon is served over HTTPS, and your data is encrypted at rest in our hosted database and object storage.
- Tenant isolation— every tenant table enforces row-level security in the database, so one organization’s forms and submissions are never readable by another. Isolation is enforced at the data layer, not just in application code.
- Scoped access controls — each request is bound to a signed-in member of a specific organization, and access to files is granted only through short-lived signed URLs issued by our servers.
Platform security
- Hardened response headers — pages are served with a Content Security Policy that blocks framing, plus HTTP Strict Transport Security and content-type nosniff protections.
- Virus-scanned uploads — files uploaded through a form are scanned for malware before a submission can reference them. The scan fails closed: a file that cannot be verified clean is rejected, not accepted.
- Timing-safe secret checks — API keys, signing secrets, and webhook signatures are verified with constant-time comparisons to avoid leaking information through timing.
- Rendered as text, never as markup — labels and answers are rendered as plain text, so form content cannot inject scripts into a page. State-changing API requests accept JSON only, which narrows the attack surface.
Your data
- You own your content. The forms you build and the submissions you collect are yours. We do not sell your data, and we do not use your content to train machine-learning models.
- Export any time. You can export your submissions to CSV from the dashboard to keep your own copy or move it elsewhere.
- Deletion on request.You can delete forms and submissions from the app, and you can ask us to erase your organization’s data by emailing support@operon.app.
Payments
Subscription payments are handled by our merchant of record, so full card numbers never reach Operon’s servers. We receive your plan and billing status, not your card details.
Responsible disclosure
If you believe you have found a security issue, we want to hear from you. Email support@operon.app with the details and steps to reproduce, and please give us a reasonable window to investigate and fix before any public disclosure. We will not pursue good-faith researchers who follow this process.
What we do not claim
Operon is an early-access product, and we describe our posture honestly. We do not hold SOC 2 or other formal certifications, and we will not claim certifications we have not earned or hide behind vague marketing labels. As we mature our program and complete audits, we will update this page with specifics rather than marketing language.
Contact
Security questions or concerns? Email support@operon.app.