Encryption at Rest
All data is encrypted using AES-256 encryption in our Supabase PostgreSQL database.
Security
We implement industry-standard security measures to protect your customer data.
All data is encrypted using AES-256 encryption in our Supabase PostgreSQL database.
TLS 1.3 encrypts all data transmitted between your devices and our servers.
Database policies ensure users can only access their own data, enforced at the database level.
Hosted on Cloudflare Pages and Supabase with DDoS protection and global CDN.
We conduct regular security assessments and vulnerability scans.
3-day breach notification to PDPC as required by Singapore PDPA compliance.
PDPA Singapore: We comply with the Personal Data Protection Act 2012, including consent requirements, data retention policies, and breach notification procedures.
SOC2 Ready: Our infrastructure and processes are designed to meet SOC2 Type II requirements. Enterprise customers can request our security documentation.
GDPR: While primarily serving Singapore/ASEAN markets, our data handling practices align with GDPR principles for international users.
We take security seriously. If you discover a vulnerability, please report it responsibly to security@paddly.io. We appreciate your help in keeping Paddly.io safe.