Security overview
Built for governed outreach, not “rogue AI.”
Sellion is designed for revenue teams that need control, isolation, and auditability. Pods, integrations, and conversations operate inside clear identity, data-handling, and governance boundaries.
Last updated: January 11, 2026
Identity & access
Tenant-aware RBAC, least-privilege access, and clear boundaries between customers.
Data protection
Encryption in transit and at rest, scoped access patterns, and retention controls.
Agent governance
Guardrails for targeting, prompts, and pricing, with audit logs for key decisions.
Identity, authentication, and RBAC
Every request is tied to a tenant and a user or service identity. Pods, integrations, and conversations are scoped to that tenant, so it’s always clear who did what, when, and on whose behalf.
- Tenant-aware RBAC: roles with explicit scopes.
- Authentication: secure auth by default; SSO options available for larger deployments.
- Scoped API keys: per-tenant, revocable, and designed for rotation.
- Session security: time-bounded sessions and revocation paths.
Role examples
- Admin: governance, integrations, billing, and security settings.
- Manager: pod configuration and team workflows within a tenant.
- SDR: assigned pods, accounts, and conversations.
- Observer: read-only access to analytics and conversation views.
Environment hygiene
- Clear separation between pilot/staging and production.
- Non-production environments should use synthetic or redacted data.
Data protection
We treat CRM records, conversation logs, and pricing context as sensitive. Access is explicit, auditable, and limited to what is required to run your pods and integrations.
- Encryption: TLS in transit; encryption at rest.
- Least privilege: services only access what they need for their function.
- Tenant segregation: no cross-tenant access by default.
- Backups & recovery: designed for resilience, not ad hoc access.
Retention, export, and deletion
Different teams have different requirements. We support retention controls and clear paths for export and deletion, subject to product capabilities and contractual terms.
- Configurable retention: logs and conversation content windows.
- Export paths: support operational needs and audits.
- Deletion requests: handled per contract and legal requirements.
LLM usage and guardrails
Pods use foundation models to draft outreach and negotiation options, but we wrap model calls in controls that reflect your governance model.
- Context scoping: only the minimum context required to perform the task.
- Sensitive-field handling: options to redact or mask fields in logs and demos.
- Policy-aware prompting: do-not-contact rules, regional policy, and pricing floors.
- Approval paths: high-risk actions can require human approval before send.
We do not treat customer CRM data or conversation content as public training data for general-purpose models.
Auditability and incident response
Security is not just prevention. It’s the ability to detect issues quickly, explain what happened, and respond with clarity.
- Per-tenant audit logs for admin changes and high-impact actions.
- Conversation tracing to review key decisions and message history.
- Runbooks for availability and security incidents, plus escalation paths.
Security review or deployment questions?
We’re happy to walk through controls, data flows, and rollout options with your security and RevOps teams.