Security & Trust

Your team's data, handled professionally.

Onoria manages sensitive personnel documents — passports, visas, residency permits, and travel records — on behalf of organisations sending people across borders. We take that responsibility seriously. The platform is built around encrypted storage, strict access controls, and a complete audit trail so you always know who accessed what and when.

Security principles

Encryption at rest and in transit

All uploaded documents — passports, visas, residency permits — are encrypted at rest using AES-256. All data in transit is protected by TLS. No document is ever stored or transmitted in plaintext.

Data hosted in France

All data is stored on servers located in France. No personal data or documents are transferred outside the EU. This applies to all organisations using the platform, regardless of where they are based.

Role-based access control

Operations managers, personnel, and staff each see only what they need. Sensitive documents are scoped to the appropriate roles and organisation. No data is ever accessible across organisation boundaries.

Full audit trail

Every document upload, access, status change, and approval is timestamped and attributed to a named user. Nothing happens anonymously. Organisations have a complete, immutable record of all activity on their account.

Secure document workflows

Documents are uploaded and accessed through secure, permission-gated workflows. Access is restricted to authorised personnel only. Temporary access links are signed and scoped — no document URL is ever permanent or shareable.

No third-party data sharing

Document data is never shared with third parties or used for any purpose other than delivering the platform. Your team's identity documents stay within the platform and under your organisation's control.

Note: This page describes our approach to handling data securely and responsibly. It does not constitute a legal guarantee, certification, or compliance statement. For full details on how personal data is collected, stored, retained, and protected, see our Privacy Policy. For specific questions about data handling, security practices, or contractual terms, please contact us directly.

We use analytics cookies to understand how visitors use our site and improve it over time. Your session cookie is strictly necessary and always active. Privacy Policy.