Secure review links
Review links use cryptographically random tokens. Workspace owners can regenerate or revoke access when a link should no longer be usable.
Security and client review privacy
Clear controls for external client reviews.
ApproveWell is built around secure review links, version-tied approval records, revocable access, encrypted storage, and a privacy posture without ad tracking.
Encrypted traffic and storage
Traffic is protected in transit with TLS. Stored files and database records are encrypted at rest using AES-256 encryption.
Upload scanning
Uploads are inspected on receipt before they are made available through the review workflow.
No advertising trackers
ApproveWell uses necessary session cookies and does not use advertising cookies, retargeting pixels, or third-party tracking cookies.
How review links work
Clients get the narrow review surface they need. Your team keeps the workspace, settings, billing, templates, and internal dashboard separate.
1
You create a request and add external reviewers.
2
ApproveWell generates a unique review link for each reviewer.
3
The reviewer opens the link, views the current version, comments, and submits a decision without joining your workspace.
4
The owner can revoke or regenerate links and keep the activity tied to the approval trail.
What can a client access?
A reviewer link only opens the review experience for the request or client portal it was created for. It does not grant access to your workspace dashboard.
What if a reviewer forwards a link?
Anyone with a valid unprotected link may be able to open it. Use passcodes, expiry, no-download controls, or link revocation when the project needs tighter access.
What is captured in the approval record?
ApproveWell records request activity such as invites, link views, comments, reminders, version uploads, status changes, and reviewer decisions.
Who processes payments and email?
Stripe handles payments. Resend handles transactional email. Cloudflare provides CDN, DDoS protection, and SSL/TLS termination.
Security is shared work.
Use the right link controls for the sensitivity of the project, remove access when the review is done, and contact support if you need help choosing settings.