Security
At DayCanvas, protecting your personal memories is our top priority. We implement comprehensive security measures to ensure your journal entries remain private and secure.
Data Encryption
All data is encrypted both in transit (using TLS 1.3) and at rest (using AES-256 encryption). Your journal entries, photos, and voice recordings are protected with industry-leading encryption standards.
Infrastructure Security
We use Supabase and Vercel for our infrastructure, both of which maintain SOC 2 Type II compliance and undergo regular security audits. Our servers are hosted in secure data centers with 24/7 monitoring.
Authentication Security
We support secure authentication methods including email/password with strong password requirements, and OAuth providers like Google and Apple. All passwords are hashed using bcrypt.
Access Control
Your journal entries are private by default. Our team members do not have access to your personal content. Only you can choose to make entries public through our sharing features.
Data Backup
Your data is automatically backed up with point-in-time recovery capabilities. We maintain multiple redundant copies to prevent data loss.
Security Best Practices
We follow OWASP security guidelines, conduct regular security reviews, and keep all dependencies updated. We use automated vulnerability scanning to identify and address potential issues.
Reporting Security Issues
If you discover a security vulnerability, please report it to security@siliconblast.com.