Security

Your data security is our top priority

Encryption

All data is encrypted in transit using 256-bit SSL/TLS encryption. Sensitive data is encrypted at rest using AES-256.

Infrastructure

Hosted on enterprise-grade infrastructure with DDoS protection via Cloudflare and automated security monitoring.

Authentication

Secure password hashing with bcrypt, JWT-based session management, and optional two-factor authentication.

Payments

All payments processed through Stripe (PCI DSS Level 1 certified). We never store credit card numbers on our servers.

Data Protection

Regular automated backups with point-in-time recovery
Data stored in secure European data centers
Strict access controls and audit logging
GDPR-compliant data handling practices

Operational Security

Regular security assessments and penetration testing
24/7 infrastructure monitoring and alerting
Incident response procedures and disaster recovery plans
Employee security training and background checks

Report a Vulnerability

If you discover a security vulnerability, please report it responsibly to: [email protected]