Last updated: July 6, 2026
This page summarizes how Telene approaches security for Telene Grid and related services.
Telene Grid is currently in private beta. Security practices will continue to mature as the product develops. Please do not upload highly sensitive, regulated, or mission-critical data unless you are comfortable using beta-stage software.
1. Security overview
Telene is designed to protect user data through a combination of application-level access controls, hosted infrastructure, database permissions, secure configuration practices, and careful product design.
Our goal is to collect and process only what is needed to provide the service, avoid unnecessary access to user data, and keep user datasets private by default.
2. Infrastructure
Telene’s planned beta infrastructure uses:
- Cloudflare Pages for frontend hosting and delivery
- Railway for backend/API hosting
- Supabase for PostgreSQL database, authentication, and storage
- Paddle or another payment provider for billing, if paid plans are introduced
These providers are used to host, deliver, store, secure, and operate the service.
3. Encryption in transit
Telene is intended to use HTTPS for browser-to-service communication.
Users should access Telene through official HTTPS URLs such as:
4. Authentication and access control
Telene Grid uses account-based access to protect private projects, datasets, workspaces, reports, and related resources.
Application-level authorization checks are used so that users can access only the resources associated with their own account, organization, or authorized share settings.
Private data should not be publicly accessible unless a user intentionally creates a public or protected share link.
5. Database security
Telene’s planned database layer uses Supabase/PostgreSQL.
Security controls may include:
- organization and user ownership checks
- Row Level Security policies where appropriate
- server-side authorization middleware
- restricted use of privileged service keys
- separation of public frontend keys and private backend secrets
- database schema design that avoids exposing private data unnecessarily
Service-role or privileged database keys must not be exposed in frontend code.
6. Secrets and environment variables
Secrets such as database URLs, service-role keys, JWT secrets, payment webhook secrets, and API keys are managed through environment variables in backend hosting environments.
Secrets should not be committed to Git or placed inside public frontend folders.
The public frontend should only contain values that are safe to expose to browsers.
7. Uploaded datasets
Uploaded datasets are private to the user or organization unless explicitly shared by the user through available sharing features.
Telene does not manually review uploaded datasets as part of normal operations.
Access to uploaded datasets, if ever needed, is limited to cases such as:
- user-requested support
- service maintenance or debugging
- abuse or security investigation
- legal compliance
- data restoration or protection
Where practical, Telene will rely on metadata, logs, and user-provided details rather than raw dataset contents.
8. Logging and monitoring
Telene may collect logs and technical metadata to operate and secure the service, such as:
- request metadata
- error messages
- performance metrics
- upload size
- row and column counts
- usage counts
- API request counts
- authentication or authorization errors
Telene should avoid logging raw dataset contents unless required for a specific operational or security reason.
9. Backups
Telene may use database backups and provider-level recovery features to help protect against accidental loss, operational failure, or service incidents.
Backups are intended for service recovery and continuity. Data deletion requests may take time to fully propagate through backups according to technical and operational limits.
10. Application security practices
Telene aims to follow practical security practices such as:
- validating user input on the server
- checking ownership before returning private resources
- limiting file upload size and accepted formats
- avoiding unsafe rendering of user-provided data
- using text-safe rendering where possible instead of injecting user data as HTML
- keeping private secrets out of frontend code
- limiting administrative access
- applying usage limits to protect the service from overload
- reviewing security-sensitive code paths before production deployment
11. Beta limitations
Telene Grid is in private beta. This means:
- features may change
- limits may change
- security controls may evolve
- downtime may occur
- some enterprise security features may not yet be available
During beta, users should avoid uploading highly sensitive, regulated, or mission-critical data unless they understand and accept the risks.
12. Responsible disclosure
If you believe you have found a security issue, please contact:
Please include:
- a clear description of the issue
- steps to reproduce it
- affected URLs or accounts, if relevant
- potential impact
- your contact information
Please do not access, modify, delete, or disclose data that does not belong to you. Please do not perform destructive testing, denial-of-service attacks, or actions that could disrupt the service.
13. Contact
For security reports:
For privacy or deletion requests:
For general contact: