Trust & Transparency

Built to be trusted.
Designed to be audited.

We use CodeSec to scan CodeSec. Every security claim on this page is verified by the same platform we ship to you.

All Systems Operational
APIDashboardScanning EngineAuthenticationDatabaseAI Analysis

Application & Infrastructure Security

Security

We apply OWASP Top 10 mitigations, enforce TLS 1.3 everywhere, and scan our own codebase with CodeSec.

  • TLS 1.3 encryption in transit
  • AES-256 encryption at rest
  • OWASP Top 10 mitigations
  • Rate limiting & CSRF protection
  • Dependency CVE scanning
Security details

Privacy-First Data Practices

Privacy

We collect only what we need, never sell your data, and give you full control with self-service deletion.

  • No data selling, ever
  • Minimal data collection
  • Self-service account deletion
  • GDPR-compliant processing
  • Opt-out analytics
Privacy policy

Compliance & Legal

Compliance

Transparent legal documents, GDPR compliance, and clear user rights — no legalese runaround.

  • GDPR data rights support
  • Clear terms of service
  • Startup-friendly refund policy
  • Cookie consent management
  • Data Processing Agreements
GDPR rights

Reliable Infrastructure

Infrastructure

Built on Supabase, Vercel, and Hetzner Cloud with automated backups, PITR, and row-level security.

  • Supabase PostgreSQL (SOC 2 Type II)
  • Automated backups with PITR
  • Row-level security policies
  • Private network isolation
  • Multi-region redundancy
Infrastructure details

Compliance & Certifications

Supabase SOC 2 Type II

Database infrastructure

PCI-DSS via Dodo Payments

Payment processing

GDPR Compliant

EU data protection

TLS 1.3

All connections encrypted

Sub-Processors

All third-party services that process data on behalf of CodeSec users.

ProviderPurposeLocationStandard
SupabaseDatabase, Auth, StorageSOC 2 Type II
VercelApplication HostingSOC 2 Type II
Hetzner CloudServer InfrastructureISO 27001
Dodo PaymentsPayment ProcessingPCI-DSS
AnthropicAI Scan AnalysisSOC 2 Type II
OpenAIAI Scan AnalysisSOC 2 Type II
ResendTransactional EmailSOC 2 Type II

Security questions?

Reach out for vulnerability reports, data processing agreements, or any trust-related inquiry.

[email protected]