Program
Every system we operate sits under a documented threat model that is reviewed quarterly. Major releases ship only after a security review against that model. Security ownership sits with the same senior cell that builds and runs the product, so the people accountable for a system are the people who secure it.
Encryption
Data is encrypted in transit using current TLS, and at rest using industry-standard algorithms. End-to-end encryption is available on products that opt into it and is the default on premium tiers. Keys are managed in a dedicated key management service with strict access controls.
Access control
Production access is short-lived, audited, and limited to the on-call rotation. Access requires multi-factor authentication and follows least privilege. Member data is segregated and never copied to engineer machines or to environments that are not built to hold it.
Monitoring and response
We log security-relevant events, alert on anomalies, and run a documented incident response process with defined roles and timelines. Where an incident affects personal data, we notify affected people and regulators as the applicable law requires.
Audits and assurance
We engage an external party to assess our systems on a regular cadence and after significant changes. We maintain internal controls aligned to recognized industry frameworks, and we make relevant assurance information available to partners under NDA.
Vendor security
We hold the service providers that touch our data to contractual security and privacy commitments, review their posture before we onboard them, and keep the list of categories current. See our data processing page for more.