We treat customer data, payments, and uptime as core product features. Here is how we keep everything safe.
All traffic to our products is served over HTTPS with TLS 1.2 or higher. Internal service-to-service communication is also encrypted.
Customer data stored in our databases and backups is encrypted at rest using industry-standard AES-256 encryption.
Application secrets (API keys, credentials) are managed through secure key stores, never committed to source control.
All card processing is handled by PCI-DSS certified payment gateways (Stripe and equivalents). We never store full card data.
Data processing agreements available on request. Data export and deletion on request across every product in the portfolio.
Infrastructure monitored around the clock with automated alerts. Historical uptime available for each product on request.
Found a vulnerability in one of our products? We take these reports seriously. Email us at digitalgimmick@gmail.com with details and we will respond within 48 hours.
We do not currently run a paid bug bounty programme, but we credit responsible disclosures publicly (with your permission) and welcome collaborative discussions with the security community.