All communication between you and our servers are encrypted using HTTPS. We use HSTS to allow your browser to know in advance that it should only communicate with us using HTTPS. Our backups of your data are always encrypted. To improve their durability they’re stored in a separate geographical zone.
We carefully chose our hosting providers. We make sure our infrastructure has full redundancy for every major system, including the power supply and internet connection. The data centers we use have surveillance teams on site 24/7, barbed-wire fencing and strict security procedures.
We’re continuously updating our infrastructure to stay on top of new vulnerability. All of our servers are monitored closely and logs are stored indefinitely.
We never store your billing information on our servers. They are handled by our partner: Stripe. They are a PCI Service Provider Level 1, the most stringent level of certification available in the payments industry.
We work with security researchers to keep up with the state-of-the-art in web security. If you have discovered a web security flaw that impacts our products, we have a Security Bug Bounty Program in place.