Trust Center
Security & Privacy at OneERP
This page is maintained by the OneERP team to answer common security and privacy questions about the product. It describes the controls and practices currently in place — it is not an independent audit or certification.
Last updated: July 2026
Users sign in with email + password or Google. Sessions are issued by our managed authentication provider and stored as HTTP-only tokens in the browser.
Access inside the app is role-based. Sensitive areas (the ERP Builder, user management, security tooling) are restricted to Super Admin roles, and roles are stored in a dedicated database table rather than on user profiles.
All traffic to OneERP is served over TLS (HTTPS). The application sets strict security response headers including Content-Security-Policy, Strict-Transport-Security, X-Content-Type-Options, X-Frame-Options, and a restrictive Permissions-Policy.
Tenant data in the database is protected by Row-Level Security policies that scope reads and writes to the company the signed-in user belongs to. Database roles use least-privilege grants.
OneERP runs on managed cloud infrastructure (Lovable Cloud) that provides the database, authentication, file storage, and edge runtime. The provider handles patching of the underlying platform.
Mentioning a platform vendor is not a certification claim about OneERP.
OneERP only stores the operational data you enter to run your books — companies, contacts, invoices, contractors, projects, journal entries, files you upload, and the activity logs needed to audit those records.
We do not sell your data, and we do not use customer data to train AI models.
- Lovable Cloud — hosting, managed database, authentication, file storage.
- Lovable AI Gateway — AI features (chat assistant, document extraction). Prompts are processed to deliver the response and are not used to train models.
- Google — optional sign-in (only when a user chooses to use Google login).
OneERP uses first-party cookies and local storage strictly for keeping you signed in and remembering UI preferences. We do not load third-party advertising or cross-site tracking pixels.
- Active accounts. While your account is active, accounting records (companies, invoices, vendor bills, journal entries, bank transactions, contractors, projects, reports) and uploaded files (invoice attachments, receipts, contractor documents, vault entries) are retained so the application can function — statements stay reconcilable, audit trails stay intact, and historical reports keep rendering.
- Statutory retention. Accounting and tax records are kept for at least the minimum period required by applicable local tax and company law (commonly 5–7 years, depending on jurisdiction). Customers remain responsible for confirming the retention period that applies to their business.
- Closed or inactive accounts. If an account is closed, customer data is scheduled for deletion within 30 days of the closure request, unless a longer period is required to meet a legal, tax, or audit obligation.
- User-initiated deletion. Account owners can request export or deletion of specific records or the whole account at any time by emailing support@oneerp.live from the address tied to the account. Verified deletion requests are completed within 30 days across primary storage.
- Backups. Encrypted backups age out on their normal rotation (typically up to 35 days) and are then overwritten. Restored data from backup is re-deleted on the next cycle.
- What is not deleted. Anonymous, aggregated usage metrics (counts, performance traces) and minimal records required to evidence that a deletion request was honoured may be retained after account deletion.
Primary contact. Email support@oneerp.live with the subject prefix [Privacy] or [Deletion] so it's routed correctly.
Who can submit. Requests must come from the email address tied to the account. For organisation accounts, requests must come from a verified owner or admin; we may ask for additional verification before acting on requests about other users' data.
What to include. (1) request type — access, export, correction, deletion, restriction, or objection; (2) the account email or company name; (3) the specific records if it's a partial request; (4) your relationship to the account (owner, admin, end user, regulator).
Response-time expectations.
- Acknowledgement: within 2 business days of receipt.
- Identity verification (if needed): completed within 5 business days.
- Data access / export requests: fulfilled within 30 days.
- Correction requests: actioned within 15 days.
- Deletion requests: scheduled within 5 business days, completed across primary storage within 30 days (backups age out on normal rotation — see "Retention & deletion").
- Complex or high-volume requests: we may extend by up to 60 additional days and will notify you in writing with the reason.
Escalation. If you are not satisfied with our response, reply to the same thread with [Escalation] in the subject and a senior team member will respond within 5 business days.
Cost. Requests are handled free of charge. Repeated or manifestly excessive requests may incur a reasonable fee or be refused, with reasons provided.
If you believe you've found a security issue, please email support@oneerp.live with steps to reproduce. Please do not test against other customers' data.
We aim to acknowledge reports within 5 business days and will keep you updated on remediation progress.
The platform (Lovable Cloud) is responsible for the security of the underlying infrastructure, database engine, and managed services.
We (the OneERP team) are responsible for application code, access policies, RLS rules, and how the product is configured by default.
Customers are responsible for choosing strong passwords, protecting their sign-in credentials, granting roles to the right people, and promptly removing access for users who leave their organisation.
OneERP is an accounting and ERP product. It is not designed for, marketed to, or intended to store Protected Health Information (PHI) as defined by HIPAA.
Customers should not upload patient records, medical history, diagnoses, treatment notes, lab results, or any other PHI into OneERP — including into invoices, attachments, contractor files, vault entries, or AI chat prompts. Financial records about a healthcare business (revenue, vendor bills, payroll totals, tax filings) are not PHI and are in scope for normal use.
What "HIPAA-aligned environment" means here: the underlying platform we run on (Lovable Cloud) provides infrastructure controls — encryption in transit, access controls, audit logging, and isolated tenant data — that are consistent with the kinds of safeguards HIPAA expects of a hosting environment. This is a description of available platform controls, not a HIPAA certification of OneERP, and we do not currently sign Business Associate Agreements (BAAs).
If your use case requires handling PHI under HIPAA, contact us at support@oneerp.live before entering any such data so we can confirm whether OneERP is an appropriate fit.
OneERP does not currently claim SOC 2, ISO 27001, GDPR, HIPAA, or PCI certification. If you have specific compliance requirements, contact us at support@oneerp.live and we'll discuss what we can support.