Security
Your security is our top priority. Here's how we protect your data.
End-to-End Encryption
All data in transit is protected with TLS 1.3 encryption. Data at rest is encrypted using industry-standard AES-256 encryption.
Secure Authentication
Passwords are hashed using bcrypt with salt. We support secure session management with automatic token refresh and secure logout.
Secure Infrastructure
Hosted on enterprise-grade cloud infrastructure with automated backups, redundancy, and 24/7 monitoring.
Access Controls
Strict access controls ensure only you can access your data. Row-level security policies protect your information at the database level.
Our Security Practices
We implement comprehensive security measures including:
- Regular security audits and penetration testing
- Automated vulnerability scanning
- Secure software development lifecycle (SDLC)
- Employee security training and access management
- Incident response and disaster recovery plans
Data Protection
✓ We DO
- Encrypt all data in transit and at rest
- Use secure, hashed password storage
- Maintain automated, encrypted backups
- Implement row-level security policies
- Monitor for suspicious activity
✗ We DON'T
- Store passwords in plain text
- Sell or share your data with third parties
- Access your data without your consent
- Use your content for advertising
Keeping Your Account Secure
We recommend the following practices to keep your account secure:
- Use a strong, unique password for your account
- Never share your password with anyone
- Log out when using shared computers
- Keep your email account secure
- Report any suspicious activity immediately
Reporting Security Issues
If you discover a security vulnerability, please report it to us at security@todolisthelper.com. We take all reports seriously and will investigate promptly.
Compliance
We are committed to maintaining compliance with applicable data protection regulations. Our infrastructure and practices are designed with privacy and security in mind.