Trust & Security
What Lumenbase protects and recovers, and where workspace admins manage it in the app.
By Sebastian StreiffertPublished Jan 10, 2026Updated Jun 3, 20266 min read
Workspace admins get concrete controls for access, monitoring, and recovery, not just policy statements. Below is what Lumenbase provides, then where each control lives in the app.
Capabilities
Access control
Role-based permissions
Two-factor authentication
Enforced permissions
Audit and visibility
Security events
Export tracking
Change audit trail
Redacted secrets
Recovery and portability
Trash recovery
Bulk undo
Import rollback
Workspace snapshots
Regular backups are verified before retention. Workspace snapshots and the in-app recovery tools above sit on top of that foundation.
Where to manage it
Use System Operations for security monitoring and data recovery, and Settings for access control and account security.
Security Center
System Operations → Security Center is the hub for exports, active integrations, security events, and high-impact activity. Use the Overview tab for counts and configuration status, and Activity Log and Exports & Integrations for detail.
Security Center
2
High-Permission Users
8 / 9
2FA Enrolled
4
Active Integrations
3
Exports (7 days)
View all exports
1
High-Impact Events (7d)
View high-impact events
Security Configuration
Platform-level security features active for this workspace
Recent Activity
Latest security-relevant events in your workspace
Data Hub, Recovery & Backups
System Operations → Data Hub → Recovery & Backups is where admins restore soft-deleted records, undo bulk batches, and create or review workspace snapshots.
Data Hub
Import and export your CRM data with smart field mapping and duplicate detection
Trash Recovery
Jordan Lee
c-1042
Northwind Q2 expansion
d-881
Recent Bulk Undo Batches
delete · contact
47 records
Workspace Backups
Retention policy
Workspace snapshots are retained for 30 days.
Latest workspace snapshot
Completed 5/28/2026, 2:14:00 PM
Other admin surfaces
| Capability | Where in the app |
|---|---|
| Import rollback | System Operations → Data Hub → Import History |
| Export CRM data | System Operations → Data Hub, or entity list export actions. See Export Data and Account Closure. |
| Roles and permissions | Settings → Company Settings → User Management |
| Mandatory 2FA policy | Settings → Company Settings → Configuration → Two-Factor Authentication |
| Personal 2FA enrollment | Settings → My Settings → Profile (Authentication) |
Transparency
CRM data is processed under our Terms and DPA. We publish subprocessors, offer a standard DPA on request, and run structured GDPR and CCPA access and deletion requests. Cross-border transfers use standard contractual safeguards. You can find the details in the Privacy Policy and DPA.
Lumenbase is not yet SOC 2 or ISO 27001 certified, and is not HIPAA-compliant. We follow the underlying controls — encrypted connections and storage, per-workspace tenant isolation, role-based access, optional mandatory 2FA, and audit logging — and we complete security questionnaires and provide our DPA on request.
Responsible disclosure
Report vulnerabilities to security@lumenbase.io. Our policy covers scope, safe harbor, and response times.
Read the disclosure policyEnterprise questions
We complete security questionnaires and provide our DPA on request: security@lumenbase.io, privacy@lumenbase.io.
Was this article helpful?
