Your money and your data, handled carefully
Two questions matter most here: where does the money go, and who can see the work. The money goes straight to you through your own payment gateway, so Delivvo never holds it. The work sits behind per-client links, and the keys to your payment accounts are encrypted before they ever reach our database.
What we protect, and how
We never hold your money
Clients pay through your own gateway, straight to your account. Delivvo is not the merchant of record and never keeps a balance, so there is nothing of yours for us to sit on.
Gateway keys are encrypted
The credentials that connect your payment gateway are encrypted before they are stored. They are not sitting in plain text in a database somewhere.
Per-client access
Each client only reaches their own project through their own link. One client's link never exposes another client's files, messages, or invoices.
We do not see card details
Card and bank details are entered into your payment processor's own secure checkout, not ours. Delivvo never sees or stores them.
The shortest path is the safest one
When a tool routes your client's payment through its own account first, that tool becomes a place your money waits and a party that can hold it. Delivvo is not in that path. The Pay Now button on your invoice runs through the gateway you connected, so the funds go from your client to you. The less Delivvo touches, the less there is to go wrong.
- Funds flow client to your gateway to you
- No Delivvo balance and no payout delay from us
- You stay the merchant of record on every payment
Where your money sits
- With Delivvo
- Never
- In your own gateway
- Always
- Payout delay from us
- None
Access is locked down by default
Project data is fenced off per account and per client in the database itself. The separation holds even if the interface has a bug. A client link can be set to require a one-time code by email before it opens, and your gateway keys are encrypted with a key that even Delivvo staff cannot read out of the database.
- Database-level rules keep each account's data separate
- Optional one-time-code lock on a client portal
- Gateway credentials encrypted, not readable in plain text
Maya -> Brand Refresh only
PrivateOmar -> Cafe Launch only
PrivateQuestions about security
No. Clients pay through your own connected gateway, so the money goes straight to your account. Delivvo is not the merchant of record and never keeps a balance, which means there is no payout delay from us and nothing of yours for us to hold.
They are encrypted before they are written to the database, using strong encryption. They are not stored in plain text, and the encryption is designed so the raw keys are not readable straight out of the database.
No. Card and bank details are entered into your payment processor's own secure checkout, not into Delivvo. We never see or store them.
No. Access is separated per client in the database itself, not only in what the interface shows. A client's link only ever opens their own project.
Yes. You can require a client to confirm a one-time code sent to their email before the portal opens, which is useful for more sensitive projects.
We are an early-stage product and we are not going to claim certifications we have not earned. The privacy and terms pages set out exactly how data is handled. If your work needs a specific compliance standard, reach out and we will tell you honestly where we stand.