Security

Last updated: July 2026

Per-client isolation

Each stable is an isolated tenant. Isolation is enforced at the database level (PostgreSQL Row-Level Security), not just in the app — one client never reaches another's data.

Access and authentication

Session authentication, optional two-factor authentication (2FA), role-based access and per-horse and per-barn permissions. All sensitive activity is recorded in an audit trail (who did it, who saw it, when).

Data and sovereign AI

Data encrypted in transit and hosted in the EU. Intelligence can run in the European cloud, on a local server at the stable, or fully offline — your choice, with no third-party sharing.

Responsible disclosure

If you believe you've found a vulnerability, contact security@estabulo.eu. We appreciate responsible disclosure and respond as a priority.