Security

Last updated:

1. Our security practices

We protect your information and transactions with industry-standard measures:

• Encryption in transit — HTTPS/TLS for all connections.
• Encryption at rest — sensitive data is encrypted in storage.
• Access controls — least-privilege access and regular reviews.
• Monitoring — 24/7 threat detection and incident response.
• Backups — encrypted, regular backups with disaster recovery.

2. Payment security

We do not store full payment card details on our servers. Payments are processed by PCI DSS compliant providers. Card data is tokenized where possible.

3. Your role in security

• Use a strong, unique password for any account you create with us.
• Keep your email and payment credentials secure.
• Report suspicious emails or activities immediately.
• Ensure your device is updated and protected by reputable security software.

4. Incident response

If a security incident occurs that affects your data, we will notify you promptly and provide clear guidance. We will also cooperate with authorities as required.

5. Vulnerability disclosure

If you discover a security vulnerability, please report it responsibly via our contact email. Do not exploit or disclose publicly before we have a reasonable time to remediate.

6. Third-party security

We select and review third-party services for security. We require them to follow strict data protection and security standards.

7. No guarantees

While we implement strong security measures, no system is completely immune to risk. We do not guarantee absolute security but commit to maintaining high standards and responding quickly to issues.

8. Updates

We regularly review and improve our security practices. This page may be updated to reflect changes.

9. Contact

For security concerns or vulnerability reports, use the contact email on this website with “Security” in the subject.