ScriptKit Logo
ScriptKit

Security

Last updated: December 2024

Our Commitment to Security

At ScriptKit, security is a top priority. We implement industry-standard security practices to protect your data and ensure the integrity of our platform. This page outlines our security measures and practices.

Infrastructure Security

  • All data is hosted on secure, SOC 2 compliant cloud infrastructure
  • Network traffic is monitored and protected by firewalls
  • Regular security audits and vulnerability assessments
  • Automated threat detection and response systems
  • Redundant systems and regular backups for data protection

Data Encryption

  • All data in transit is encrypted using TLS 1.3
  • Data at rest is encrypted using AES-256 encryption
  • Database connections are encrypted end-to-end
  • API communications are secured via HTTPS

Authentication & Access Control

  • Secure password hashing using industry-standard algorithms
  • Support for multi-factor authentication (MFA)
  • Session management with automatic timeouts
  • Role-based access control for team features
  • OAuth 2.0 integration for third-party authentication

Payment Security

All payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. We never store your full credit card details on our servers. Stripe handles all sensitive payment information securely.

Data Privacy

  • Your content and scripts are private by default
  • We do not sell your data to third parties
  • AI models are used only to process your requests
  • You can request data deletion at any time
  • We comply with GDPR and CCPA regulations

Incident Response

We have a comprehensive incident response plan in place. In the unlikely event of a security breach, we will notify affected users within 72 hours as required by applicable regulations, and take immediate steps to mitigate any impact.

Employee Security

  • Background checks for all employees with data access
  • Security awareness training for all team members
  • Principle of least privilege for system access
  • Regular access reviews and audits

Vulnerability Disclosure

We appreciate the security research community's efforts to help keep our users safe. If you discover a security vulnerability, please report it responsibly to our security team. We ask that you give us reasonable time to address the issue before public disclosure.

Contact Security Team

For security concerns, vulnerability reports, or questions about our security practices, please contact us at support@scriptkit.ai

← Back to Home