Security & privacy

Each studio is an island

Harmony is multi-tenant by design: your studio’s data is isolated, access is role-based, and even platform support has to be invited in. Here’s how that actually works — described plainly, with nothing oversold.

Per-studio isolation

Every record — lessons, availability, policy, members, notifications — is scoped to one studio. Queries are filtered by your studio on every request, so one studio can’t see another’s data.

Role-based access

Admins, teachers, and students each see only what their role allows, enforced server-side on every page and action. Teachers manage their own lessons; students act only on their own.

Authenticated sessions

Sign-in is email and password via a dedicated auth library; credentials are stored hashed, never in plain text. Sessions expire after seven days and refresh while you’re active.

Audit trails

Support visits are logged with who and when. Every notification email is recorded to an outbox with its delivery status — so admins can always see what happened.

Notification privacy

People control what reaches their inbox. Each user can opt out of new-lesson, reschedule, and cancellation emails independently.

Least-privilege support

Support can’t wander in. Access requires an explicit, expiring grant you control, and a support session can’t change your support settings to extend itself.

The standout

Consent-gated, time-boxed support access

Most SaaS support can quietly read your data. Harmony flips that: a platform administrator can only enter your studio when you grant access, only for as long as you allow, and every visit is recorded where you can see it.

  1. 1

    You grant access

    An admin enables support access for a set window — say, seven days. Nothing is open until you do this.

  2. 2

    Support enters — and it’s logged

    A support visit is recorded the moment it starts, acting only as your studio’s admin, with a clear support-session banner.

  3. 3

    It auto-revokes

    When the window expires or you switch it off, access ends automatically. Support sessions can’t extend their own grant.

  4. 4

    You see everything

    Every enter and exit appears in your studio’s audit log, alongside the full email outbox.

Default grant windows are short and expire on their own — access is the exception, not the rule.
How we build

Honest about what we do — and don’t — claim

We’d rather describe what the software actually enforces than wave compliance badges. Here’s where things stand.

Data is isolated per studio and access is checked on the server for every request.

Passwords are hashed; we never store them in plain text.

Support access is opt-in, time-boxed, and fully logged.

This is a demonstration app — it does not yet carry formal certifications (e.g. SOC 2), and we don’t claim otherwise.

Found something? Tell us.

We welcome responsible disclosure. If you believe you’ve found a security issue, email us and we’ll work with you to confirm and resolve it.

security@harmony.test

Run your studio with confidence

Isolation, role-based access, and audited support — from day one.

Start your studio