---
title: Delx Wellness security
description: Security, privacy and trust model for Delx Wellness Cloud.
canonical: https://wellness.delx.ai/security
content_signal: ai-train=no, search=yes, ai-input=yes
---

# Delx Wellness security

Delx Wellness uses a local-first trust model for the open-source connectors and a hosted convenience model for the paid cloud beta.

## Hosted controls

- Provider token sets are encrypted before storage in the hosted hub.
- API key secrets are shown once; only salted hashes are stored.
- Export/delete tools are available outside the premium paywall.
- MCP calls produce usage and audit events.
- The staging hub runs behind Caddy on loopback with systemd hardening, an unprivileged service user and Postgres migrations.

## Product boundaries

- Delx Wellness is not medical advice.
- It is not for diagnosis, treatment, emergency monitoring or replacing a clinician.
- Provider integrations are unofficial unless a provider explicitly says otherwise.
- Raw provider payloads and sensitive details stay opt-in where supported.
- Coach/client workflows require explicit consent before any client data sharing is exposed.

## Current beta state

- Hosted hub: https://api.delx.ai/wellness-hub
- Dashboard: https://api.delx.ai/wellness-hub/dashboard/
- Setup docs: https://wellness.delx.ai/docs/cloud
- Pricing/founding access: https://wellness.delx.ai/pricing