Trust centre
Security claims should be specific, current and verifiable
This page distinguishes controls visible on the public service from product assurances that should be confirmed in the current security material or agreement.
Last reviewed: July 2026
Public website transport
The public website enforces HTTPS, HSTS, restrictive framing, content-type protection and a documented content security policy.
- HTTPS and HSTS
- Frame protection
- Content Security Policy
- Restricted browser permissions
Access and authentication
Product authentication and administrative access controls should be evaluated against the current product security documentation. Contact Convoe for the latest supported controls before procurement.
Incidents and vulnerability reports
Report a suspected vulnerability or security incident to the published support address. Do not include sensitive customer data in the initial message.
Claims not made here
This page does not claim a certification, penetration-test result, backup interval, data residency guarantee or encryption-at-rest implementation that has not been provided as a verified public fact.
One site is enough to start
Need the current procurement facts?
Ask for the current security, privacy and product data-processing material for the service you are evaluating.