Every Allux site is served over SSL with automated certificate management. Published sites are server-side rendered and cached — no client-side dependency for your content to exist.
Databases are backed up automatically to encrypted, off-site storage with tested restores. Access to advisor accounts and content is permission-scoped: your data is readable and editable only by your own logins and the Allux service roles that support you.
Every published version of every page is archived as an immutable snapshot — timestamped, non-editable, retained for at least five years, and exportable on request — designed to support your Rule 204-2 recordkeeping.
An optional review-before-publish workflow enforces sign-off server-side: with review enabled, nothing goes live without approval, and every approval is logged.
If you leave, your domain, content, and imagery leave with you — the process and timeline are committed in the written Portability Guarantee.
Questions from your compliance or IT reviewer? info@allux.ai — we answer diligence questionnaires directly.