Security

We take security seriously. Learn about the measures we've implemented to protect your data and ensure safe usage of our service.

Data Encryption

In Transit

All data transmitted between your browser and our servers is encrypted using TLS 1.3 (HTTPS).

At Rest

Temporary data is encrypted using AES-256 encryption while being processed on our servers.

API Security

All API communications use secure authentication tokens and encrypted connections.

Data Minimization

  • No Permanent Storage: Images are processed in memory and deleted within 1 hour
  • Minimal Logging: We only log essential information for security and performance
  • No Personal Data: We don't collect personal information beyond what's necessary for service operation
  • Anonymous Processing: Your images are processed without linking to your identity

Infrastructure Security

DDoS Protection

Our infrastructure includes DDoS protection to ensure service availability during attacks.

Firewall

Multi-layer firewall protection filters malicious traffic and unauthorized access attempts.

Monitoring

24/7 security monitoring with automated threat detection and response systems.

Access Controls

  • Principle of Least Privilege: Staff access is limited to what's necessary for their role
  • Multi-Factor Authentication: All administrative access requires MFA
  • Regular Audits: Access permissions are reviewed and updated regularly
  • Secure Development: Our code follows security best practices and is regularly audited

Compliance & Standards

GDPR

European data protection regulation compliance

CCPA

California Consumer Privacy Act compliance

SOC 2

Security controls and procedures certification

ISO 27001

Information security management system standards

Incident Response

In the unlikely event of a security incident:

  • Immediate Response: Our team responds to security incidents within 1 hour
  • User Notification: Affected users are notified within 72 hours if personal data is involved
  • Transparency: We provide clear communication about the nature and scope of incidents
  • Remediation: We take immediate steps to prevent similar incidents in the future

Report Security Issues

If you discover a security vulnerability, please report it responsibly:

Email: [email protected]

Response Time: We acknowledge security reports within 24 hours

We appreciate responsible disclosure and may offer recognition for valid security reports.

This security information is current as of December 2024. We continuously improve our security measures to protect your data.