Skip to main content

Security & Trust

How we protect your account, your links, and your scan data. We describe only what is actually in place today.

Tenant isolation

Every workspace is a separate tenant. Links, QR codes, scan events, conversions and settings are scoped to a workspace at the query layer on every read and write, so one workspace can never see another's data. Client sub-workspaces created under an agency are isolated the same way.

Encryption

All traffic is served over HTTPS/TLS. Data at rest is encrypted by our infrastructure providers (Supabase-managed PostgreSQL and Vercel). Credentials — API keys, webhook signing secrets and link passwords — are stored only as salted hashes, never in plain text.

Authentication & access control

Accounts are authenticated through Supabase Auth. Sensitive actions — issuing or revoking API keys, managing webhooks, changing member roles, and deleting a workspace — are gated to workspace owners and admins. API access uses per-workspace bearer tokens.

Audit logging

Security-relevant actions — role changes, credential lifecycle, domain changes, data exports, billing changes and link deletions — are written to an append-only, tenant-scoped audit trail that owners and admins can review in the dashboard.

Data protection & privacy (GDPR)

Scan IP addresses are anonymized at write time (IPv4 truncated to /24, IPv6 to /48). Workspace owners and admins can export all of a workspace's data as JSON at any time — with credential material redacted — and can permanently delete a workspace, which removes its data across our systems. See our Privacy Policy for details.

Abuse protection

Public endpoints — shortlink resolution, the GS1 resolver, authentication and the API — are rate limited with a distributed limiter so limits hold across our serverless infrastructure. Redirect destinations and outbound webhook targets are validated to block requests to internal/private network ranges (SSRF), and user-supplied content in interstitials is escaped to prevent injection.

Payments

Billing is handled by Stripe. We never see or store full card numbers; card data is processed directly by Stripe.

Compliance

A SOC 2 Type II program is in progress. We are happy to share our current security posture with prospective customers under NDA. This page will be updated as our certifications advance.

Responsible disclosure

If you believe you've found a security vulnerability, please report it privately to loading... before any public disclosure. We appreciate reports and will respond promptly.