Security & Trust
How we protect your account, your links, and your scan data. We describe only what is actually in place today.
Tenant isolation
Every workspace is a separate tenant. Links, QR codes, scan events, conversions and settings are scoped to a workspace at the query layer on every read and write, so one workspace can never see another's data. Client sub-workspaces created under an agency are isolated the same way.
Encryption
All traffic is served over HTTPS/TLS. Data at rest is encrypted by our infrastructure providers (Supabase-managed PostgreSQL and Vercel). Credentials — API keys, webhook signing secrets and link passwords — are stored only as salted hashes, never in plain text.
Authentication & access control
Accounts are authenticated through Supabase Auth. Sensitive actions — issuing or revoking API keys, managing webhooks, changing member roles, and deleting a workspace — are gated to workspace owners and admins. API access uses per-workspace bearer tokens.
Audit logging
Security-relevant actions — role changes, credential lifecycle, domain changes, data exports, billing changes and link deletions — are written to an append-only, tenant-scoped audit trail that owners and admins can review in the dashboard.
Data protection & privacy (GDPR)
Scan IP addresses are anonymized at write time (IPv4 truncated to /24, IPv6 to /48). Workspace owners and admins can export all of a workspace's data as JSON at any time — with credential material redacted — and can permanently delete a workspace, which removes its data across our systems. See our Privacy Policy for details.
Abuse protection
Public endpoints — shortlink resolution, the GS1 resolver, authentication and the API — are rate limited with a distributed limiter so limits hold across our serverless infrastructure. Redirect destinations and outbound webhook targets are validated to block requests to internal/private network ranges (SSRF), and user-supplied content in interstitials is escaped to prevent injection.
Payments
Billing is handled by Stripe. We never see or store full card numbers; card data is processed directly by Stripe.
Compliance
A SOC 2 Type II program is in progress. We are happy to share our current security posture with prospective customers under NDA. This page will be updated as our certifications advance.
Responsible disclosure
If you believe you've found a security vulnerability, please report it privately to loading... before any public disclosure. We appreciate reports and will respond promptly.
