Your Security is Our Priority
We protect your business data with industry-leading security practices and trusted infrastructure.
Quick Facts
- 🔒 TLS 1.3 encryption in transit
- 🛡️ AES-256 encryption at rest
- 💳 PCI compliant payments via Stripe
- ✅ SOC 2 infrastructure
- 🔐 2FA available for all users
Data Encryption
All your data is protected with industry-standard encryption at every level.
- In Transit: TLS 1.3 encryption for all data moving to/from our servers
- At Rest: AES-256 encryption for all stored data
- Payments: Credit card data handled entirely by Stripe—we never see card numbers
Secure Infrastructure
- DigitalOcean SOC 2 certified hosting
- Managed PostgreSQL with automatic encryption
- Cloudflare DDoS protection
- Network-level firewall rules
Security Practices
- Code reviews for all changes
- Dependency vulnerability monitoring
- Least-privilege access control
- OWASP secure coding guidelines
Payment Security
Powered by Stripe—trusted by millions of businesses worldwide.
Stripe Payment Processing
- PCI DSS Level 1 certified (highest available)
- We never see or store credit card numbers
- Payments go directly to your Stripe account
- Customers pay through Stripe’s secure forms
- Accept credit cards (Visa, Mastercard, Amex, Discover)
Key Stats
- PCI Level 1 — Highest Security Certification
- 0 — Card Numbers Stored
- Direct — Deposits to Your Bank
Privacy & Your Data
Your data belongs to you. Always.
Data Ownership
- You own all data you upload
- Export your data anytime
- Request deletion at any time
- We never sell your data
- No data used for advertising
Data Retention
- Active accounts: stored while active
- Deleted accounts: removed in 30 days
- Backups: retained 7 days for recovery
- Complete deletion available on request
Trusted Partners
- Stripe — Payments • PCI DSS Level 1
- Resend — Email • SOC 2 Type II
- Telnyx — SMS • SOC 2 Type II
- DigitalOcean — Hosting • SOC 2 Type II
- Cloudflare — CDN/Security • SOC 2 Type II
Access Control
Control who can see and do what in your account.
Role-Based Permissions
| Role | Access Level |
|---|---|
| Owner | Full access to everything |
| Admin | Customers, jobs, team, reports |
| Accountant | Financial reports, invoices |
| Field Tech | Assigned jobs, status updates |
| Sales | Leads, customer relationships |
Two-Factor Authentication
- Supports authenticator apps (Google Authenticator, Authy, etc.)
- Recovery codes for backup
- Available for all users
Activity Logs
- Login history and locations
- Changes to customers & invoices
- Settings modifications
- Audit trail for compliance
Report a Security Issue
If you discover a security vulnerability, please report it responsibly.
- Email: security@clippingcash.com
- We will acknowledge your report within 48 hours.