The Content Approval Hub is operated by PRIVI IT SALES LLP on behalf of The Sales Inc. This page is maintained by us to explain the security controls in place today. It is a statement of practice, not an independent certification.
Access & tenancy
- Every client is a fully isolated workspace. Users only see the clients and projects they are explicitly granted access to.
- Roles are enforced at every layer: Super Admin, Admin, Content Manager, Creator, Client Approver, Viewer, Guest.
- Row-level security policies are applied in the database — cross-client reads and writes are blocked at the data layer, not just in the UI.
- Privileged operations (invites, role changes, workspace deletion) require server-side authorization and are audited.
Data protection
- In transit: all traffic is served over TLS 1.2+.
- At rest: the underlying managed database and object storage encrypt data at rest.
- Secrets: OAuth tokens for connected social accounts are stored in a private schema separate from tenant-readable tables, and are never returned to the browser.
- Invites: invite tokens are hashed before storage and expire on use or after the configured window.
Authentication
- Email & password sign-in with secure password reset flows.
- Sessions can be revoked at any time via logout; stale sessions are detected and cleared on refresh.
- Anonymous sign-ups are disabled — accounts must be provisioned via invite or by a Super Admin.
Operations
- Least-privilege service accounts for backend jobs.
- Change history on approvals, comments, and status transitions.
- Regular dependency updates and automated security linting on the database schema.
Shared responsibility
We secure the platform. You are responsible for keeping account passwords private, revoking access when team members leave, and only inviting people who should see your content.
Responsible disclosure
Found a vulnerability? Please email grow@thesalesinc.com with reproduction steps. We will acknowledge within 3 business days and coordinate a fix before any public disclosure.
Contact
For security questions, contact grow@thesalesinc.com or book a call at calendly.com/grow-thesalesinc.
