We take data security very seriously, including the following precautions:
1. The site has an SSL certificate installed.
2. All users are required to have a strong password with at least 8 characters, 1 number and 1 special character.
3. The app is hosted in a
DigitalOcean droplet and secured via best practices.
The app and database are hosted in DigitalOcean's NYC1 datacenter which is SOC2 certified.
4. We regularly scan for vulnerabilities via
Astra.
5. Users are automatically logged out after 60 minutes of inactivity. Any quality checks that are scheduled will continue to run in the background, though.
6. Passwords are required to be reset every 90 days.
7. Subscription payments are facilitated via
Stripe and we don't store nor see your payment information.
8. We offer two-factor authentication via SMS and an authenticator app. We strongly encourage you to turn on two-factor authentication, though we don't require it.