Privacy and data handling
AvahVerse is designed to operate as an enterprise SaaS platform where tenant boundaries and governance controls are mandatory. The system is intentionally conservative about what is displayed before authentication. This page provides a high-level explanation of that posture.
Pre-login pages avoid tenant identifiers, user identifiers, and any data derived from tenant content. Status signals are coarse and cached.
Tenant data access is scoped to the active organization and enforced using RBAC and database controls where applicable.
Detailed operational telemetry and governance artifacts are intended to be accessible post-login and under explicit permissions.
Where governance decisions occur, they are designed to be traceable (notes, timestamps, and evidence patterns) without exposing tenant data on public surfaces.
This page is not a legal privacy policy. It describes product behavior and architectural intent. A formal privacy policy should be published separately for production deployments.