Security & privacy

Selda is built so your data stays yours and isolated to your workspace.

Workspace isolation. Every workspace is its own organization; data (projects, leads, campaigns, inbox, credits) is scoped to it. Server-side access checks gate every read and write.
Auth. Sign-in is handled by Clerk (JWT). API/MCP access uses revocable API keys (sk_live_…), stored hashed, scoped to one organization.
Billing integrity. Subscription and credit changes are server-only and verified against Stripe, and cannot be altered from the client.
Webhooks from providers (Stripe, Clerk, Mailgun) are signature-verified.
You approve sends. Selda drafts outreach; nothing is sent without your approval.

For questions about data processing or compliance, contact support.