Security at Listium
Listium runs door, VIP, talent advancing, show control, and Command HUD for venues that cannot drop signal. Security and reliability are part of the operating spec, not a marketing slide.
Architecture and data hosting
Listium is a cloud-hosted platform. The application layer and APIs run on Vercel, while Neon hosts the Postgres database that stores guest lists, table data, advancing records, incidents, and audit trails. We do not operate our own hardware; we rely on these providers for infrastructure hardening and physical security.
Both providers maintain hardened infrastructure with encryption at rest and in transit. All traffic between devices and Listium travels over HTTPS/TLS, and we rely on Vercel and Neon's security programs for physical security, network isolation, and platform patches.
Encryption in transit and at rest
Every connection to the Listium web app and APIs is protected with HTTPS/TLS. Operational data, auth tokens, and device sync traffic are encrypted in transit before they leave the browser, tablet, or mobile device.
Neon encrypts database storage at rest. Payment card data never flows through Listium servers; Stripe handles collection, tokenization, and storage of full card numbers and CVVs.
Authentication and access control
Listium uses BetterAuth for authentication, session management, and MFA. Credentials are securely managed with robust session controls and optional multi-factor authentication for added security.
Inside Listium, role-based access control keeps door, VIP, production, security, and admin roles scoped to what they need. Device approvals gate offline access: venue admins explicitly approve tablets, revoke them when staff change, and can lock down offline sync if a device is lost. Least-privilege defaults keep staff accounts limited to their operational lane.
Offline-first behavior and local data
Venues lose Wi-Fi, so Listium caches tonight's guest lists, reservations, advancing tasks, cues, and incident logs on authorized devices. The cache ties to a specific venue account and syncs through Vercel-hosted APIs back to Neon as soon as connectivity returns.
Revoking a user or device immediately blocks future syncs and renders the offline cache unusable going forward. Customers share responsibility for the physical security of tablets, approving only trusted hardware, and removing departing staff quickly. Offline capability protects the night, but devices should be treated like sensitive assets.
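The two controls described above, role scoping and device approval with fast revocation, are easiest to reason about as a single decision point in front of the sync API. The following is an added illustration written for this page, not Listium's own code: the role names match the ones listed above, but the permission strings, the `SyncGate` class, its method names, and the ordering of checks are all assumptions made for the example. It shows why revoking a device or deactivating a user blocks the next sync, and why each decision is worth recording in the audit trail.

```python
from __future__ import annotations
from dataclasses import dataclass, field
from datetime import datetime, timezone

# Hypothetical role-to-permission map, constructed for this example.
# Listium's real role definitions are not published on this page.
ROLE_PERMISSIONS: dict[str, set[str]] = {
    "door": {"checkin:read", "checkin:write"},
    "vip": {"checkin:read", "table:read", "table:write"},
    "production": {"advancing:read", "advancing:write", "cue:write"},
    "security": {"checkin:read", "incident:read", "incident:write"},
}
# Admin gets the union of every operational permission plus device approval.
ROLE_PERMISSIONS["admin"] = set().union(*ROLE_PERMISSIONS.values()) | {"device:approve"}


@dataclass
class User:
    user_id: str
    venue_id: str
    role: str
    active: bool = True


@dataclass
class Device:
    device_id: str
    venue_id: str
    approved: bool = True
    offline_sync_locked: bool = False


@dataclass
class SyncGate:
    """Decides whether a sync request from (user, device) may touch a resource.

    The approval state lives server-side, so a cached copy on a lost tablet
    cannot vote itself back in. Every decision, allow or deny, is appended to
    an audit trail so a venue admin can see why a tablet stopped syncing.
    """
    users: dict[str, User] = field(default_factory=dict)
    devices: dict[str, Device] = field(default_factory=dict)
    audit: list[dict] = field(default_factory=list)

    def _log(self, event: str, **details) -> None:
        self.audit.append({"at": datetime.now(timezone.utc).isoformat(), "event": event, **details})

    def add_user(self, user: User) -> None:
        self.users[user.user_id] = user

    def approve_device(self, device: Device) -> None:
        self.devices[device.device_id] = device
        self._log("device_approved", device_id=device.device_id, venue_id=device.venue_id)

    def revoke_device(self, device_id: str) -> None:
        # Revocation flips server-side state; the next sync attempt is denied.
        self.devices[device_id].approved = False
        self._log("device_revoked", device_id=device_id)

    def lock_offline_sync(self, device_id: str) -> None:
        # Softer than revocation: the device stays approved but may not sync.
        self.devices[device_id].offline_sync_locked = True
        self._log("offline_sync_locked", device_id=device_id)

    def deactivate_user(self, user_id: str) -> None:
        self.users[user_id].active = False
        self._log("user_deactivated", user_id=user_id)

    def authorize_sync(self, user_id: str, device_id: str, venue_id: str, permission: str) -> tuple[bool, str]:
        """Return (allowed, reason). Identity checks run before the role check
        so a revoked device or departed user is denied regardless of role."""
        user = self.users.get(user_id)
        device = self.devices.get(device_id)
        if user is None or not user.active:
            reason = "user_inactive"
        elif device is None or not device.approved:
            reason = "device_not_approved"
        elif user.venue_id != venue_id or device.venue_id != venue_id:
            reason = "venue_mismatch"
        elif device.offline_sync_locked:
            reason = "offline_sync_locked"
        elif permission not in ROLE_PERMISSIONS.get(user.role, set()):
            reason = "role_not_permitted"
        else:
            reason = "ok"
        self._log("sync_decision", user_id=user_id, device_id=device_id,
                  permission=permission, allowed=(reason == "ok"), reason=reason)
        return reason == "ok", reason


if __name__ == "__main__":
    gate = SyncGate()
    gate.add_user(User("door-staff-1", "venue-a", "door"))
    gate.approve_device(Device("tablet-1", "venue-a"))
    print(gate.authorize_sync("door-staff-1", "tablet-1", "venue-a", "checkin:write"))
    gate.revoke_device("tablet-1")
    print(gate.authorize_sync("door-staff-1", "tablet-1", "venue-a", "checkin:write"))
    for entry in gate.audit:
        print(entry)
```

The deny reasons are deliberately distinct so that the audit log, not a support ticket, tells an admin whether a tablet was revoked, locked, or simply used by someone outside their lane.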
Payments and billing security
Stripe processes all subscription payments. Stripe maintains PCI-DSS compliance, stores cardholder data, and provides tokenized references back to Listium. We retain only limited billing metadata (customer identifiers, last four digits, card brand, and expiration) to manage invoices and account status.
Analytics and experiments
Listium uses Statsig for analytics and experimentation. Statsig receives pseudonymous event data (feature flag exposure, engagement signals) to improve reliability and UX. We don't run ads or cross-site tracking, and access to analytics data is limited to staff focused on product quality and uptime.
Email and notifications
Operational emails (device approvals, account invites, nightly summaries, incident exports) are delivered via Resend. Resend maintains TLS for delivery where supported and stores only the metadata required to confirm a message was sent. Emails are strictly transactional and are not sold or shared with ad networks.
Logging, auditing, and incidents
Listium captures audit logs for the actions that matter during a show: check-ins and undo events, holds and deposits, comp changes, advancing edits, cue updates, and incident logs. Login events and device approvals are also recorded at a high level.
These logs power the Command HUD, help customers investigate disputes, and feed our monitoring and abuse detection. Venue admins can review logs inside the product, and we retain them for a reasonable period consistent with our Privacy Policy.
Secure development and operational practices
Code lives in version control with review required before deployment. Dependencies and frameworks are updated regularly, and we ship through an automated pipeline on Vercel. Production access is restricted to operators who need it, and secrets stay in managed secret stores or environment variables, not in source control.
Customer responsibilities
Security is shared. Listium supplies RBAC, device approvals, and fast revocation tools. Customers are responsible for:
- Assigning appropriate roles to staff and limiting access to sensitive workflows.
- Approving only trusted devices for offline mode and revoking lost or retired hardware.
- Removing user access immediately when staff leave or duties change.
- Maintaining physical security in venues, offices, and storage areas.
- Ensuring they have the rights to upload guest, artist, and operational data into Listium.
Reporting a security issue
If you discover a vulnerability or notice suspicious activity, email security@listium.app with as much detail as possible. Please do not publicly disclose findings until we have investigated and addressed the issue. We respond quickly to legitimate reports affecting customer safety or data integrity.
Changes to this page
Our security practices evolve alongside the platform. We will update this page when material changes occur and may notify customers in-app or via email if the changes affect how their data is protected.