Security

• All data in transit is encrypted with TLS 1.2 or higher
• All data at rest is encrypted using industry-standard algorithms
• Gmail and Slack OAuth tokens, and Stripe Restricted API Keys, are encrypted with AES-256-GCM before storage
• Sensitive fields in the database are encrypted independently of disk-level encryption

• Two-factor authentication is required for every internal team member
• Production access is limited to the team members who need it for support and operations
• Role-based permissions enforce the principle of least privilege
• Access is reviewed periodically and revoked immediately on personnel changes
• Each access to customer data is logged and auditable

• Founder accounts use secure password hashing and optional 2FA. Session tokens are rotated regularly.
• Stripe integration uses a customer-provided Restricted API Key with read-only scope (Customers, Subscriptions, Invoices, Charges, Payment Intents, Disputes). DropFix can read billing data but cannot charge cards, issue refunds, or modify any data in your Stripe account. You can revoke the key at any time from your own Stripe dashboard — see the connect-Stripe guide for details.
• Gmail and Slack integrations use OAuth 2.0 with scoped permissions. We request only the minimum scope required (Gmail: send-only; Slack: incoming-webhook only).
• Disconnecting an integration deletes the stored credentials immediately. For OAuth integrations (Gmail, Slack) we also revoke the token with the provider. For Stripe, you revoke the Restricted Key from your own Stripe dashboard.

• The DropFix SDK communicates only over HTTPS
• The SDK sanitises event payloads before transmission
• Tracking endpoints rate-limit per workspace to prevent abuse
• The SDK is served from a CDN. Security patches are automatically distributed to customers using the unversioned CDN URL.

When DropFix drafts a win-back email, only anonymised behavioural signals are sent to our AI provider. Personal data (names, emails, phone numbers) never leaves our system. Data sent to the AI provider is never used to train external models.

• Input validation and output encoding to prevent XSS and injection attacks
• Parameterized database queries to prevent SQL injection
• CSRF protection on every state-changing request
• Row-level security in the database to isolate workspace data
• Regular dependency scanning for known vulnerabilities

• Hosted on industry-standard cloud infrastructure with SOC 2 / ISO 27001 certifications
• Network-level firewalls and DDoS protection
• Automatic security patching of the underlying platform
• Daily encrypted database backups with 30-day retention
• Disaster recovery procedures documented and tested

• Behavioral events are retained for up to 12 months, then automatically deleted
• You can request immediate deletion of your workspace data at any time
• Deleted data is removed from backups within 30 days as backup snapshots roll forward

If we discover a security incident affecting customer data:

• We'll begin investigation immediately
• Affected customers will be notified within 72 hours of discovery
• The notification will include what happened, what data was affected, and what we're doing about it
• We'll cooperate with any regulatory or law-enforcement investigation

Found a vulnerability? Email security@dropfix.in with a description and reproduction steps. We'll acknowledge within 48 hours and work with you on a fix. We commit to:

• Not pursue legal action against good-faith researchers
• Investigate every report seriously
• Credit you publicly (with your permission) once a fix is shipped

DropFix is designed to comply with:

• GDPR (EU General Data Protection Regulation)
• CCPA (California Consumer Privacy Act)
• DPDP Act (India's Digital Personal Data Protection Act 2023)
• Google API Services User Data Policy (Limited Use)

For compliance documentation, sub-processor lists, or security questionnaires, email security@dropfix.in.