Security at DebtGone

All your data is encrypted both in transit and at rest.

• TLS 1.3 encryption for all data in transit
• AES-256 encryption for data at rest
• Encrypted database backups

We use modern, secure authentication methods to protect your account.

• Passwordless authentication via secure magic links - no passwords to steal
• OAuth 2.0 integration with Google for secure third-party login
• Secure session management with automatic expiration
• Rate limiting to prevent brute force attacks

Our infrastructure is built on enterprise-grade cloud services with robust security controls.

• Hosted on Supabase with SOC 2 Type II compliance
• Row Level Security (RLS) ensures users can only access their own data
• Automatic daily backups with point-in-time recovery
• DDoS protection and web application firewall

We follow strict data privacy principles to protect your information.

• We never sell your data to third parties
• Minimal data collection - we only collect what's needed to provide the service
• You can export or delete your data at any time

We maintain rigorous security practices across our development and operations.

• Regular security audits and code reviews
• Dependency vulnerability scanning
• Secure development lifecycle (SDLC)
• Incident response procedures in place