techtone AI logo
Back to Home

Security at techtone.ai

Your data security is our top priority. Learn about the measures we take to protect your information.

Encryption

All data is encrypted in transit using TLS/SSL and at rest using AES-256 encryption.

Secure Infrastructure

Hosted on Google Cloud Platform and Supabase with enterprise-grade security.

Access Controls

Row-Level Security policies ensure users can only access their own data.

GDPR Compliant

We process Shopify’s mandatory GDPR webhooks: customer data request, customer eraser, and shop data erasure.

Our Security Practices

At techtone.ai, we implement industry-standard security measures to protect your data and ensure the integrity of our platform.

Data Protection

✓ Encryption at Rest

All stored data is encrypted using AES-256 encryption, including module configuration data, OAuth credentials, and billing records.

✓ Encryption in Transit

All data transmitted between your browser and our servers is encrypted using TLS 1.3 (Transport Layer Security).

✓ Shopify OAuth Tokens

Your Shopify store access tokens are encrypted before storage and are never exposed in logs or external systems.

Infrastructure Security

Our infrastructure is built on trusted, enterprise-grade platforms:

  • Google Cloud Platform: Cloud Functions and supporting infrastructure
  • Supabase: Database hosting with built-in security features and Row-Level Security (RLS)
  • Vercel: Frontend hosting with automatic HTTPS and DDoS protection

All our infrastructure providers maintain industry certifications and compliance standards.

Access & Authentication

We implement multiple layers of access control:

  • Password Security: All passwords are hashed using bcrypt with individual salts
  • Row-Level Security: Database policies ensure users can only access their own data
  • API Authentication: Secure service role keys and authentication tokens
  • Session Management: Secure session cookies with HttpOnly and SameSite flags

Regular Security Audits

We continuously monitor and improve our security posture through:

  • Regular security assessments and vulnerability scanning
  • Automated dependency updates to patch known vulnerabilities
  • Code reviews with security best practices in mind
  • Monitoring and alerting for suspicious activity

Your Responsibilities

While we work hard to protect your data, security is a shared responsibility:

  • Use a unique, secure password for your Shopify account to protect your store connection
  • Never share your Shopify staff credentials
  • Log out from shared or public devices
  • Review module settings before publishing to your live storefront
  • Report any security concerns to security@techtone.ai

Reporting Security Issues

If you discover a security vulnerability, please report it to us immediately at security@techtone.ai.

We take all security reports seriously and will investigate promptly. Please do not publicly disclose vulnerabilities until we have had a chance to address them.

Questions?

Have questions about our security practices? We're here to help.

Contact Security TeamRead Privacy Policy