Your backlink strategy and Google Search Console data are critical business assets. Here's how we protect them.
Key takeaways
- AES encryption for all sensitive tokens
- TLS 1.3 encryption and daily backups protect your data
- EU hosting with enterprise security and DDoS protection
- Secure Google OAuth for login, no passwords stored
- Privacy-first analytics and GDPR compliant
How we keep your data safe
Encryption and data protection:
- All Google Search Console tokens are encrypted at rest with AES
- All data in transit uses TLS 1.3 encryption
- Daily backups stored off-site in Cloudflare R2
Infrastructure and monitoring:
- EU-based hosting (Hetzner) with security certifications
- DDoS protection and network firewalls
- Cloudflare as a CDN and WAF
Access controls:
- Principle of least privilege for all team access
- Only the CTO has access to production databases, servers, and API keys
- Contractors or employees do not have access to your data
- Multi-factor authentication required for all internal accounts
Development security:
- Automated code reviews and static analysis for vulnerabilities
- HTTPS enforced with security headers (CSP, HSTS)
- Protection against XSS, CSRF, and OWASP Top 10 vulnerabilities
Compliance and auditing:
- GDPR compliant - see our Privacy Policy
What you can do
- We exclusively use Google OAuth for sign-in, meaning we never store your password
- Use a strong Google account password
- Keep your devices and browser updated
- Report any suspicious account activity immediately to [email protected]
Security concerns
Found a vulnerability? Email [email protected] with details. We respond within 24 hours and will keep you updated on our investigation.
Questions about our security practices? Contact [email protected]
Protecting your data is an ongoing commitment. We continuously refine our security measures and welcome feedback from our users and the security community to help us improve.
