Security
Your data is yours.
We handle ideas that haven't shipped yet. That data is sensitive by definition. Here's exactly how we protect it.
How we protect your data
Encryption in transit
All data is transmitted over TLS 1.2+. Every API call, every webhook, every browser session — encrypted end-to-end. We do not support non-HTTPS access.
Encryption at rest
Your data is stored in Supabase (Postgres on AWS), which encrypts all data at rest using AES-256. GitHub OAuth tokens are additionally encrypted with AES-256-GCM at the application layer before being stored.
Authentication
We support email/password, Google OAuth, and GitHub OAuth via Supabase Auth. All sessions use short-lived JWTs. TOTP two-factor authentication is available for all accounts.
Row-level security
Every database table has Postgres RLS policies enforced at the database layer. Users can only access their own data — regardless of what the application code does.
API key security
API keys are hashed with SHA-256 before storage. The plaintext key is shown once at creation and never stored. Compromised keys can be revoked instantly.
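As an added example that is not PledgeOFF's own schema or code: the statements below show how the row-level security described above and the hashed API-key storage described in this section would be expressed in Postgres on Supabase. The ideas table, all table and column names, and the policy names are assumptions; auth.uid() is Supabase's helper that returns the caller's user id from the session JWT, and the authenticated role is Supabase's role for logged-in users.

```sql
-- Added example (not PledgeOFF's schema). Names are assumptions;
-- auth.uid() and the authenticated role are Supabase conventions.

-- 1. A user-owned table. user_id defaults to the caller's id from the JWT.
create table ideas (
  id         uuid primary key default gen_random_uuid(),
  user_id    uuid not null default auth.uid() references auth.users (id),
  title      text not null,
  created_at timestamptz not null default now()
);

-- 2. Switch RLS on. FORCE matters: without it the table owner (and any
--    superuser) bypasses every policy, so application code running as
--    the owner role would still read every row.
alter table ideas enable row level security;
alter table ideas force row level security;

-- 3. One policy per operation. USING filters which rows are visible;
--    WITH CHECK rejects writes that would produce a row the caller
--    does not own (e.g. an insert that spoofs another user_id).
create policy ideas_select_own on ideas
  for select to authenticated
  using (user_id = auth.uid());

create policy ideas_insert_own on ideas
  for insert to authenticated
  with check (user_id = auth.uid());

create policy ideas_update_own on ideas
  for update to authenticated
  using (user_id = auth.uid())
  with check (user_id = auth.uid());

create policy ideas_delete_own on ideas
  for delete to authenticated
  using (user_id = auth.uid());

-- 4. API keys: only the SHA-256 digest is stored. The application hashes
--    the presented key before it reaches the database, so the plaintext
--    never appears in SQL text, statement logs or this table.
create table api_keys (
  id         uuid primary key default gen_random_uuid(),
  user_id    uuid not null default auth.uid() references auth.users (id),
  key_prefix text not null,            -- short non-secret prefix shown in the UI
  key_hash   bytea not null unique,    -- sha256(plaintext key), computed by the app
  created_at timestamptz not null default now(),
  revoked_at timestamptz               -- null while the key is active
);

alter table api_keys enable row level security;
alter table api_keys force row level security;

-- Users manage only their own keys.
create policy api_keys_own on api_keys
  for all to authenticated
  using (user_id = auth.uid())
  with check (user_id = auth.uid());

-- 5. Authenticating an API request: the app binds the digest as $1.
--    A revoked key fails this lookup immediately.
--    select user_id from api_keys where key_hash = $1 and revoked_at is null;

-- 6. Revoking a key keeps the audit record but ends its use.
--    update api_keys set revoked_at = now() where id = $1;
```

Two points a reviewer would check here. First, the "regardless of what the application code does" guarantee only holds when the application connects as a role that is neither the table owner nor marked BYPASSRLS, which is why the FORCE statements are included. Second, the key lookup in step 5 happens before the caller has an identity, so it runs with the service role rather than as an authenticated user; keeping that lookup to a single read-by-hash query, and never selecting by anything the caller controls other than the digest, limits what a bug in that privileged path could expose.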
Secret scanning
Our GitHub repository has secret scanning enabled. Dependabot runs weekly. We track CVEs in all dependencies and patch critical vulnerabilities within 24 hours.
Access control
Production database access requires multi-factor authentication and is restricted to named individuals. No shared credentials. Access is reviewed quarterly.
Data residency
All data is processed and stored in the EU (AWS eu-central-1). We do not transfer personal data outside the EEA without appropriate safeguards as defined in our Privacy Policy.
SOC 2 roadmap
We are working toward SOC 2 Type II certification. Here's where we are today.
Live: Structured audit logging
Live: Uptime monitoring (BetterStack + Sentry)
Live: Row-level security on all tables
Live: Dependency scanning (Dependabot)
Live: Encryption at rest + application-layer token encryption
Live: Incident runbook
Planned: Formal security policy documentation
Planned: Penetration test (third party)
Planned: SOC 2 Type I audit
Planned: SOC 2 Type II certification
Responsible disclosure
If you discover a security vulnerability in PledgeOFF, please report it to us privately. We will acknowledge your report within 48 hours and aim to resolve confirmed vulnerabilities within 14 days.
Please do not publicly disclose vulnerabilities until we've had a chance to address them. We appreciate responsible disclosure and will credit researchers who report valid issues.
[email protected]
Sub-processors
The following third-party services process data on our behalf. A full list is available in our Privacy Policy §5.
Service | Purpose | Region
Supabase | Database, authentication, storage | EU (AWS eu-central-1)
Vercel | Hosting, edge network | Global CDN · primary EU
Anthropic | AI model inference (Otto assistant) | US
Groq | AI model inference (signal analysis) | US
Stripe | Payment processing | US / EU
Resend | Transactional email | US
Sentry | Error monitoring | US