At KannanTech, we take the security of our users' data very seriously. This document outlines the measures we take to protect your information and how you can report security vulnerabilities to us.
1. Data Encryption
We use industry-standard encryption protocols to protect data in transit and at rest.
- In Transit: All data transmitted between your browser and our servers is encrypted using Transport Layer Security (TLS) 1.2 or higher.
- At Rest: Sensitive data stored in our databases (Supabase) is encrypted at rest using AES-256 encryption.
2. Authentication & Access Control
- We use secure OAuth 2.0 authentication via Google to ensure robust identity verification.
- We do not store your Google password. We only store the authentication tokens required to verify your identity.
- Access to production data is strictly limited to authorized personnel on a need-to-know basis.
3. Payment Security
All payments are processed by Razorpay, a PCI-DSS compliant payment processor. We do not store your full credit card number or CVV on our servers.
4. Responsible Disclosure
If you believe you have found a security vulnerability in our platform, we encourage you to let us know right away. We will investigate all legitimate reports and do our best to quickly fix the problem.
Please submit your report to security@kannantech.com.
In your report, please include:
- A description of the vulnerability.
- Steps to reproduce the issue.
- Any relevant screenshots or code snippets.
We ask that you do not publicly disclose the issue until we have had a reasonable amount of time to address it.