Security
How we keep your data and applications secure
Encryption
All data encrypted in transit and at rest
SOC 2 Compliance
Built on Supabase's enterprise-grade infrastructure
API Security
UUID API keys with rate limiting and CORS protection
Data Isolation
Row-level security ensures complete data isolation
Security Practices
Data Encryption
- TLS 1.3 for all data in transit
- AES-256 encryption for data at rest
- Encrypted database backups
Access Control
- Multi-factor authentication support
- Role-based access control (RBAC)
- API key rotation capabilities
- Session management with automatic expiry
Infrastructure Security
- Hosted on secure cloud infrastructure
- Regular security audits and penetration testing
- DDoS protection
- Web Application Firewall (WAF)
Compliance
- GDPR compliant
- CCPA compliant
- SOC 2 Type II (via Supabase)
- Regular third-party security assessments
Data Privacy
Your data is yours
We never sell or share your data with third parties. Your feedback data is only accessible to your organization members.
Data Ownership
You retain full ownership of all data collected through DebugGo
Data Portability
Export your data at any time via API or dashboard
Data Retention
Data is retained for 90 days after account closure, then permanently deleted
Security Reporting
Found a vulnerability?
We take security seriously and appreciate responsible disclosure
If you discover a security vulnerability, please report it to us immediately.
Email: security@debuggo.dev
PGP Key: Download our PGP key
Bug Bounty
We offer rewards for responsibly disclosed security vulnerabilities. Contact us for details.