End-to-End Encryption
All data in transit is protected by TLS 1.3 (HSTS enforced) — all sensitive data at rest is encrypted with AES-256.
Bcrypt Password Hashing
Passwords are hashed with bcrypt (cost 12); we never see them in plaintext.
Daily Backups
Automatic daily database snapshots with 30-day retention.
Attack Protection
Brute-force, CSRF, XSS, SQL-injection, and per-route rate-limiting on every API endpoint.
Certified Infrastructure
Cloudflare R2 (SOC 2), MongoDB Atlas, Stripe PCI-DSS Level 1, Resend SOC 2.
Bug Bounty
Found a vulnerability? Email info@trustedtechno.com — bounty paid to verified reporters.
Responsible Disclosure
If you find a security vulnerability, we encourage you to report it privately before disclosing publicly. Our commitments:
- Response within 24 hours.
- Fix shipped within 7 days for critical vulnerabilities.
- Public acknowledgement of the discoverer (if they wish).
- No legal action against good-faith security research.
Regulatory Compliance
TRUST DESIGN operates under UAE law, and complies with GDPR for European users and CCPA for California users.
Incident Response
In case of a security incident, we will notify affected users within 72 hours via email and in-platform notification, explaining what happened, what data was affected, and what actions we took.