Security Overview

Vollume is purpose-built for music professionals who can't afford for their work to leak. From unreleased masters to work-in-progress sessions, your files are protected at every layer of our infrastructure. Trusted by thousands of engineers, producers, and artists worldwide.

Access Control

All uploads are private by default. Nothing is accessible unless you explicitly grant it.
The most secure way to collaborate is via verified email invite. Collaborators receive a unique access link tied to their account. If they don't have a Vollume account, they'll verify their email and create one for free before gaining access.
We also support secure link-sharing using cryptographically random, unguessable URLs. Recipients can stream shared content without an account, keeping handoffs frictionless. Since access is link-based rather than identity-based, treat these links like passwords, only send them to intended recipients.

Data Encryption

All All data is protected with enterprise-grade encryption across every stage of its lifecycle:

• At rest - AES-256 encryption locks all stored data at the infrastructure level. This is the same standard used in banking and defence-grade systems.

• In transit - all data is encrypted before transmission using TLS, authenticated at both endpoints, and verified on arrival. Nothing travels in plaintext.

• Passwords - passwords are never stored or transmitted in plaintext. We use modern cryptographic hashing algorithms to ensure credentials remain protected even in the unlikely event of a breach.

  
  

Secure sign-in

Sign in via Google or Okta for a faster, more secure authentication flow. Both providers support two-factor authentication and hardware-level biometrics such as Face ID and Touch ID, reducing reliance on passwords entirely.

Right to be forgotten

You own your data. At any time, you can permanently delete your account and all associated data from our servers. No retention, no exceptions.