5 Layers of Security
Your data is protected at every step—from the moment it leaves your browser to when results are returned. Here's how we keep it safe.
Encryption in Transit
All data transmitted between your browser and our servers is encrypted using TLS 1.2+ with strong cipher suites.
- TLS 1.2 and 1.3 only
- Strong cipher suites (AES-256-GCM)
- HSTS enabled with preload
- Certificate pinning for API clients
Encryption in Transit Diagram
Encryption at Rest
Sensitive data stored in our database is encrypted using AES-256-GCM. Your original text is never stored.
- AES-256-GCM encryption
- Separate encryption keys per user
- Key rotation support
- Secure key storage
Encryption at Rest Diagram
Access Control
Multi-layered authentication and authorization ensures only you can access your data.
- JWT token authentication
- Optional two-factor authentication
- Session management
- Role-based access control
Access Control Diagram
Infrastructure Security
Our servers are hosted in ISO 27001-certified data centers with comprehensive security measures.
- Hetzner Cloud (Germany)
- UFW firewall
- fail2ban intrusion prevention
- Regular security updates
Infrastructure Security Diagram
Compliance & Audit
We maintain ISO 27001:2022 certification and comprehensive audit logging for regulatory compliance.
- ISO 27001:2022 certified
- GDPR compliant
- Comprehensive audit logs
- Regular security assessments
Compliance & Audit Diagram
What Happens to Your Data?
Transparency is key. Here's exactly what we do (and don't do) with your data.
We Do
- • Process your text in memory
- • Return results immediately
- • Log access for security audits
- • Encrypt all communications
- • Store your account settings
✕We Don't
- • Store your original text
- • Train AI models on your data
- • Share data with third parties
- • Transfer data outside the EU
- • Keep logs of processed content
Learn More About Our Security
Explore our comprehensive security documentation and compliance certifications.