Security

Our infrastructure is hosted on Amazon Web Services (AWS), a leading cloud provider with world-class security certifications.

• Encryption in Transit: All data transmitted between your client and our API is encrypted using TLS 1.2+.
• Encryption at Rest: All sensitive data stored in our databases is encrypted using AES-256.
• DDoS Protection: We utilize AWS Shield to protect against Distributed Denial of Service attacks.

We follow secure coding practices and regularly audit our codebase for vulnerabilities.

• Authentication: We use industry-standard OAuth2 and Bearer Token authentication.
• Rate Limiting: We enforce strict rate limits to prevent abuse and ensure service availability.
• Input Validation: All API inputs are strictly validated to prevent injection attacks.

We are committed to complying with global data protection regulations.

• GDPR: We are fully compliant with the General Data Protection Regulation for European users.
• CCPA: We comply with the California Consumer Privacy Act.