FAQ Security & Privacy Is my data encrypted and secured?

Last updated 28 April 2017

The safety and security of our customer data are our highest priorities. Our API clients are using HTTPS (TLSv1, TLSv1.1, TLSv1.2) to send your data to our servers and you can choose to use TLS to query our indices as well.

By default, our JavaScript API client will use the same protocol as the page hosting it. The backups are encrypted using GnuPG and the transfers between servers are encrypted via AES-256. We put a lot of effort into having the best security. For instance, it took us only a few hours after the disclosure to fix the HeartBleed vulnerability.

We have performed a professional penetration testing in the past and have bug bounty program on HackerOne that helps us ensure ongoing security.

Did you find this page helpful?

We're always looking for advice to help improve our documentation! Please let us know what's working (or what's not!) - we're constantly iterating thanks to the feedback we receive.

Send us your suggestions!