Security

Last updated: March 16, 2026

Data encryption

Data is encrypted in transit (TLS) and at rest. OAuth tokens are encrypted with AES-256-GCM before storage.

Authentication

We use Supabase for secure authentication. Passwords are hashed. We support email verification and password reset.

OAuth token handling

When you connect social platforms, we store access and refresh tokens encrypted. We only request the scopes required for the features you use. You can disconnect accounts at any time.

No scraping

We do not scrape platforms. We use official APIs only and comply with each platform's terms and rate limits.

Platform compliance

We follow Reddit, X, LinkedIn, and other platform API policies. We do not encourage spam, automation abuse, or policy violations.

Security vulnerability disclosure

If you discover a security vulnerability, please report it to [email protected]. We will respond promptly.

Abuse reports

For spam, misuse, harassment, or policy abuse, contact [email protected].

Contact

For security questions, visit our Contact page.