Security

Security is fundamental to PauseBeforeBuy. We implement industry-standard practices to protect your data.

1. Data Encryption

In Transit

All data transmitted between your browser and our servers is encrypted using TLS 1.3 (HTTPS). This prevents anyone on the network path between you and us from reading or tampering with your data in transit.

At Rest

Your data is encrypted at rest in our database. This protects the underlying storage volumes and backups: someone who obtained a copy of the disk or a backup file could not read your wishlist without the encryption keys. It does not replace access control, since anyone who can authenticate to the database sees the data decrypted, which is why database credentials are tightly restricted and every request goes through the checks described in section 4 (Access Control).

2. Authentication

We use Kinde for authentication, a provider with a SOC 2 Type II attestation that is trusted by thousands of companies. Kinde provides:

  • Secure password hashing (bcrypt)
  • Multi-factor authentication (MFA) support
  • OAuth integration (Google, etc.)
  • Session management and token rotation

3. Infrastructure

Hosting (Vercel): automatic DDoS protection, edge caching, and global CDN distribution.
Database (Neon): serverless PostgreSQL with automatic backups, point-in-time recovery, and encryption at rest.

4. Access Control

  • Your wishlist is only accessible to you (no public sharing by default)
  • All API endpoints require authentication
  • Role-based access control (RBAC) for different features
  • Rate limiting to prevent abuse
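To make concrete how the first, second and fourth of these controls fit together in a single request, here is an illustrative handler for reading a wishlist. This is an added example for this page, not PauseBeforeBuy's own code: the route, types, in-memory store, status codes and limits are assumptions. The point it shows is that requiring authentication is not enough on its own; the wishlist lookup is scoped to the authenticated account, so a request for someone else's wishlist id is indistinguishable from a request for an id that does not exist, and rate limiting runs first so that unauthenticated floods are rejected before any lookup.

```typescript
// Illustrative request pipeline for a per-user resource such as a wishlist.
// Added example, not PauseBeforeBuy's code: the types, in-memory store,
// status codes and limits below are assumptions chosen for the demo.

type Session = { userId: string; roles: string[] } | null;
type Wishlist = { id: string; ownerId: string; items: string[] };
type ApiResponse = { status: number; body: Wishlist | { error: string } };

// Constructed stand-in for the database table.
const WISHLISTS: Wishlist[] = [
  { id: "wl-1", ownerId: "alice", items: ["headphones"] },
  { id: "wl-2", ownerId: "bob", items: ["keyboard", "mouse"] },
];

// Owner-scoped lookup: the caller's identity is part of the predicate, the way
// a SQL query would use `WHERE id = $1 AND owner_id = $2`. A guessed or
// enumerated id that belongs to another account simply finds nothing.
function findWishlistForOwner(id: string, ownerId: string): Wishlist | undefined {
  return WISHLISTS.find((w) => w.id === id && w.ownerId === ownerId);
}

// Fixed-window rate limiter keyed per caller. `now` is passed in (milliseconds)
// so the behaviour is deterministic and testable.
class RateLimiter {
  private windows = new Map<string, { start: number; count: number }>();
  constructor(private readonly limit: number, private readonly windowMs: number) {}

  allow(key: string, now: number): boolean {
    const w = this.windows.get(key);
    if (w === undefined || now - w.start >= this.windowMs) {
      this.windows.set(key, { start: now, count: 1 });
      return true;
    }
    w.count += 1;
    return w.count <= this.limit;
  }
}

// GET /wishlists/:id, in order: rate limit (the cheapest check, and it must
// also cover unauthenticated traffic, so it is keyed by client IP when there
// is no session), then authentication, then the per-resource ownership check.
function handleGetWishlist(
  session: Session,
  wishlistId: string,
  clientIp: string,
  limiter: RateLimiter,
  now: number,
): ApiResponse {
  const key = session ? `user:${session.userId}` : `ip:${clientIp}`;
  if (!limiter.allow(key, now)) {
    return { status: 429, body: { error: "rate limited" } };
  }
  if (!session) {
    return { status: 401, body: { error: "authentication required" } };
  }
  const wishlist = findWishlistForOwner(wishlistId, session.userId);
  // 404 rather than 403: do not confirm that another account's id exists.
  if (wishlist === undefined) {
    return { status: 404, body: { error: "not found" } };
  }
  return { status: 200, body: wishlist };
}

// Stand-alone demo: Alice can read her own list but not Bob's, and an
// anonymous caller is turned away before any lookup happens.
const demoLimiter = new RateLimiter(100, 60_000);
const alice: Session = { userId: "alice", roles: ["user"] };
console.log(handleGetWishlist(alice, "wl-1", "203.0.113.7", demoLimiter, 0).status); // 200
console.log(handleGetWishlist(alice, "wl-2", "203.0.113.7", demoLimiter, 1).status); // 404
console.log(handleGetWishlist(null, "wl-1", "203.0.113.7", demoLimiter, 2).status); // 401
```

The role-based checks mentioned above would be one more gate in the same pipeline, inspecting the session's roles after authentication and before the resource lookup; they are left out here because the page does not describe which features they guard. The in-memory limiter is only for illustration; in a serverless deployment the counters must live in shared storage or in the platform's own limiter, otherwise each instance enforces its limit independently.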

5. What We Don't Do

  • We don't store credit card information (handled by Stripe)
  • We don't log sensitive data like passwords or tokens
  • We don't share your data with third parties
  • We don't use third-party analytics that track you

6. Responsible Disclosure

If you discover a security vulnerability, please report it to us responsibly:

security@pausebeforebuy.com

Please include details about the vulnerability and steps to reproduce it. We'll respond within 48 hours and work with you to resolve the issue.