Skip to content

Security & Privacy

We take security seriously. Our infrastructure is built on industry best practices to protect your data.

Data Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). We use industry-standard encryption for all customer data.

Infrastructure

Hosted on Vercel and AWS with automatic security patches, DDoS protection, and 99.9% uptime SLA.

Access Controls

Role-based access control (RBAC), multi-factor authentication (MFA), and audit logging for all system access.

Compliance

GDPR-compliant data handling, SOC 2 Type II in progress, and regular third-party security audits.

Our Security Practices

  • Regular security audits and penetration testing
  • Automated vulnerability scanning and patch management
  • Strict data retention and deletion policies
  • Employee security training and background checks
  • Incident response plan with 24/7 monitoring
  • Data backup and disaster recovery procedures
  • Zero-trust network architecture

Responsible Disclosure

If you discover a security vulnerability, we encourage responsible disclosure. Please report security issues to our team, and we'll respond within 48 hours.

We're committed to working with security researchers and will publicly acknowledge responsible disclosures (with your permission).

Security Questions?

For security inquiries or vulnerability reports, contact our security team.

Contact Security Team