Trust
Security
WebAnnotates is built around project-scoped access, authenticated APIs, and operational controls designed to keep review workflows separated and manageable.
Last updated May 13, 2026
Access control
Workspace access is tied to authenticated user sessions, and project workflows are designed around project-specific permissions and token-scoped embed behavior.
Integrations
Notion and GitHub connections are authorized per project. Connected integrations use stored credentials only for the flows configured by authorized workspace users.
Operational safeguards
We use service-side validation, usage enforcement, and project separation to reduce accidental data exposure and keep collaboration environments isolated.