Security & trust

Built for finance teams, with controls to match.

Designed around controlled access, private evidence, and audit-friendly records.

Access control

Role-based access, org-scoped data.

Admin and viewer roles control who can manage subscriptions, decisions, evidence, and reports. Every record is scoped to your organization and enforced at the database layer.

Admin and viewer roles
Org-scoped reads and writes
Row-level security at the database

Access is enforced in the database, not just hidden in the interface.

Private evidence

Contracts stored privately, accessed via short-lived links.

Uploads stay in private storage. Viewers get temporary, scoped URLs instead of public paths.

Audit-friendly history

Decisions, term changes, and ownership changes are recorded.

When a renewal is questioned later, there is a trail to point to, not just a memory.

Admin and viewer permissions

Read-only access for stakeholders; write access only where it's needed.

No public PII exposure

User identities resolve through restricted server-side functions, not public views.

Single source of truth

One org-wide system replaces scattered spreadsheets and shared inboxes.

Responsible disclosure

If you believe you have found a security vulnerability in Alarty, please email security@alarty.com with details and steps to reproduce. We will acknowledge your report and work with you in good faith to investigate and remediate.