Legal

Security

Last updated: July 3, 2026  ·  ViamLabs LLC

Important: The security measures described on this page represent our current best-effort practices. No security measure is perfect or guarantees absolute protection. Your use of ViamOne is subject to the limitations of liability set out in our Terms of Service.

Technical Security Controls

🔐

AES-256 encryption at rest

All files and database records are encrypted at rest using AES-256. Encryption keys are managed by Cloudflare's infrastructure.

🔒

TLS 1.3 in transit

All data in transit between your browser and our servers is encrypted with TLS 1.3. Older, weaker protocols are rejected.

🌐

Cloudflare infrastructure

ViamOne runs on Cloudflare's enterprise-grade global network, which includes DDoS protection, Web Application Firewall, and edge security.

🔑

Zero plaintext credentials

Passwords are never stored in plaintext. We use bcrypt hashing with salting. API keys and secrets are stored as environment secrets, not in code.

📋

Full audit logging

Every document access, download, and sensitive operation is logged with timestamp, user, and IP address for forensic review.

🚫

Least-privilege access

Internal systems and team members operate on a strict need-to-know basis. No human has routine read access to your document content.

AI Data Handling

🧠

No AI training on your data

Your documents are never used to train or fine-tune any AI model. Each AI processing request is isolated and discarded.

🔗

API-only AI access

AI features use Anthropic's Claude API. Document content is sent to Anthropic's servers for processing under their API data-handling commitments, which prohibit use of API inputs for model training.

🗑️

Session isolation

Each AI session is stateless and ephemeral. Context from one document or query is not retained for use in another user's session.

Responsible Disclosure

If you believe you have discovered a security vulnerability in ViamOne, please report it to us responsibly before public disclosure. We take all reports seriously and will work to address confirmed issues promptly.

Email: [email protected]

Please include: a description of the vulnerability, steps to reproduce, potential impact, and your contact information. We aim to acknowledge reports within 5 business days. We request that you not publicly disclose the vulnerability until we have had a reasonable opportunity to investigate and remediate it.

Security Limitations and Disclaimer

NO SYSTEM IS 100% SECURE. Despite our security measures, ViamOne cannot guarantee that unauthorized third parties will never be able to defeat our security, gain access to your data, or intercept transmissions. The internet itself is not a fully secure medium, and we cannot control all risks associated with its use.

Threats including, but not limited to, the following are outside our complete control: sophisticated nation-state attackers, zero-day exploits in third-party software, supply chain attacks, social engineering of personnel, and vulnerabilities in user devices or networks.

IN THE EVENT OF A DATA BREACH OR SECURITY INCIDENT, VIAMLABS LLC'S LIABILITY IS EXPRESSLY LIMITED AS SET FORTH IN THE TERMS OF SERVICE. YOU ACKNOWLEDGE THAT YOU USE THE SERVICE AT YOUR OWN RISK AND THAT VIAMLABS IS NOT AN INSURER OF YOUR DATA.

ViamLabs will notify users of data security incidents as required by applicable law. We will take commercially reasonable steps to mitigate harm following any confirmed incident. However, ViamLabs makes no guarantee that incident response will prevent all harm, and shall not be liable for any damages arising from a security incident except as expressly permitted by applicable law and limited by our Terms of Service.

We encourage you to maintain independent backups of important documents and to use strong, unique passwords and multi-factor authentication where available.

For the full scope of ViamLabs' liability limitations, please read our Terms of Service and Privacy Policy.