Security Statement

1. Our Commitment

At DataGhost.me, protecting your personal information is our top priority. We employ industry-standard security measures to ensure your data is safe, secure, and private.

2. Data Encryption

In Transit: All data transmitted between your device and our servers is encrypted using TLS (Transport Layer Security) 1.2 or higher.

At Rest: Sensitive user data stored in our databases is encrypted at rest using AES-256 encryption standards.

3. Access Control

Access to user data is strictly limited to authorized personnel who require it to perform their job duties (e.g., customer support). We enforce multi-factor authentication (MFA) for all administrative access.

4. Data Retention & Deletion

We practice data minimization. We temporarily store your info for exactly 45 days only so we can automatically re-remove your data every week if it reappears. On day 46, a pg_cron job permanently deletes everything — no backups, no logs, gone forever.

5. Infrastructure Security

We rely on world-class infrastructure providers:

• Supabase: For secure, compliant database hosting.
• Netlify: For secure, distributed application hosting.
• Lemon Squeezy: For PCI-DSS compliant payment processing. We do not store your credit card information on our servers.

6. Responsible Disclosure

If you believe you have found a security vulnerability in DataGhost.me, please contact us immediately at support@dataghost.me. We appreciate your help in keeping our community safe.