Trust is engineered, not claimed.
Berlvis carries the records, the money, and increasingly the identities of everyday Nigerian businesses. That responsibility shapes every line we ship.
- 01Least access, by default.
Every system, every employee, every integration begins with no access. Permissions are granted narrowly, reviewed regularly, and revoked the moment they are no longer needed.
- 02Encrypted in motion and at rest.
Customer data is encrypted on the wire with modern TLS and at rest in our managed databases and object storage. Keys are rotated and access-logged.
- 03Designed for offline integrity.
Our offline-first products treat the local device as a first-class citizen. Local records are integrity-checked and reconciled, never silently overwritten on sync.
- 04Auditable by design.
Material actions on a customer's records are append-only and timestamped. We can answer 'who did what, when', and so can you.
- 05Disclosure is an obligation.
If an incident affects you, we tell you. Plainly, promptly, and with what we know, not what is convenient.
Found something? Tell us before you tell anyone else.
We honor responsible disclosure. If you have identified a vulnerability in any Berlvis product or domain, contact our office and we will respond within two working days. We do not pursue researchers acting in good faith.
Report securely →