Data Peeps

Security

Your knowledge is valuable. We treat its protection as our highest priority. Here's how we keep your data safe.

We are committed to maintaining the highest standards of security and privacy. Our infrastructure and practices are designed to keep your data safe at all times.

Infrastructure Security

  • All services hosted on enterprise-grade cloud infrastructure (Google Cloud Platform)
  • Automatic scaling and redundancy across multiple availability zones
  • DDoS protection and Web Application Firewall (WAF)
  • Regular security patches and updates applied automatically
  • Private network isolation between services

Application Security

  • All data encrypted in transit using TLS 1.3
  • Data encrypted at rest using AES-256 encryption
  • Secure authentication via Supabase Auth with JWT tokens
  • Role-based access control (RBAC) for team features
  • Rate limiting and abuse prevention on all API endpoints
  • Regular third-party security audits and penetration testing

Data Protection

  • Your documents are never used to train our AI models
  • Knowledge base content is isolated per user/organization
  • Embeddings stored in dedicated vector database with access controls
  • Automatic backups with point-in-time recovery
  • Data residency options available for enterprise customers
  • Complete data deletion upon account termination

Compliance

  • SOC 2 Type II certification (in progress)
  • GDPR compliant - EU data protection regulations
  • CCPA compliant - California consumer privacy
  • Regular compliance assessments and gap analysis
  • Comprehensive audit logging for all operations

Responsible Disclosure

We value the security research community and appreciate efforts to improve our security. If you discover a vulnerability, please report it responsibly:

  • Email: security@datapeeps.com
  • Include detailed reproduction steps
  • Allow reasonable time for us to respond and fix
  • Do not access or modify other users' data

We acknowledge valid reports and work to resolve issues promptly. Researchers acting in good faith are protected from legal action.

Have security questions or need enterprise security documentation?