Stackd
Log in

Security at Stackd

We take security seriously. Your task data is protected by enterprise-grade infrastructure and industry-standard security practices.

Encryption at Rest

All data stored in our database is encrypted at rest using AES-256 encryption, the same standard used by banks and government agencies.

Encryption in Transit

All connections to Stackd are encrypted using TLS 1.3. Your data is protected as it travels between your device and our servers.

Secure Authentication

Passwords are hashed using bcrypt with automatic salting. We never store plain-text passwords and support secure session management.

PCI Compliant Payments

Payment processing is handled by Stripe, a PCI-DSS Level 1 certified processor. Your card details never touch our servers.

SOC 2 Infrastructure

Our database is hosted by Supabase on SOC 2 Type II compliant infrastructure with automatic backups and disaster recovery.

Row-Level Security

Database access is protected by row-level security policies, ensuring users can only access their own data — enforced at the database level.

Our Infrastructure Partners

Supabase

Our database and authentication provider. Supabase is built on PostgreSQL and provides enterprise-grade security features including:

  • SOC 2 Type II compliance
  • HIPAA compliance available
  • Data encrypted at rest with AES-256
  • Automatic daily backups with point-in-time recovery
  • Network isolation and DDoS protection

Stripe

Our payment processor. Stripe maintains the highest level of certification in the payments industry:

  • PCI-DSS Level 1 certified
  • SOC 1 and SOC 2 compliant
  • Card data never touches Stackd servers
  • Advanced fraud detection

Vercel

Our application hosting platform. Vercel provides:

  • SOC 2 Type II compliance
  • Automatic HTTPS with TLS 1.3
  • Global edge network with DDoS protection
  • Isolated serverless function execution

Security Practices

Minimal Data Collection: We only collect the data necessary to provide the service. We don't track you across websites or sell your data.

Regular Updates: We keep all dependencies and infrastructure components up to date with security patches.

Access Controls: Internal access to production systems is strictly limited and logged.

Report a Vulnerability

If you discover a security vulnerability, please report it responsibly by emailing security@stackd.today. We appreciate your help in keeping Stackd secure and will acknowledge your contribution.