Security and Privacy
How cStar keeps your data safe.
Data Protection
Encryption
- All data encrypted in transit (TLS 1.3)
- Data encrypted at rest (AES-256)
- Secure password hashing (bcrypt)
Access Control
- Role-based permissions
- Session management
- Two-factor authentication (coming soon)
Privacy
What We Collect
- Account information (email, name)
- Support ticket data
- Usage analytics (anonymized)
What We Don't Do
- Sell your data to third parties
- Access your data without permission
- Store unnecessary personal information
Compliance
- GDPR compliant
- SOC 2 Type II certified
- Regular security audits
Your Rights
You can:
- Export all your data
- Request data deletion
- Update your information
- Control notification preferences
Reporting Issues
Found a security vulnerability? Please report it responsibly to security@cstar.help. We appreciate your help keeping cStar secure!