Security
How we protect your data and the infrastructure behind Reapify.
Encryption
All data is encrypted in transit and at rest using industry-standard encryption. Authentication tokens are managed via secure HTTP-only cookies and are never stored in plain text.
Authentication & Access Control
User authentication is handled with secure session management and industry-standard protocols. Strict access controls ensure users can only access their own data.
Infrastructure
Our platform runs on enterprise-grade managed infrastructure with automatic scaling, redundancy, and continuous monitoring.
Application Security
We enforce strict HTTP security headers and follow OWASP best practices. Stack fingerprinting is disabled, and all responses are hardened against common attack vectors.
Data Isolation
Each user's data is logically isolated at the database level. Campaign data, leads, and account information are scoped to individual accounts and cannot be accessed by other users.
AI Data Handling
When AI features are used, publicly available website content, screenshots, and business metadata (name, niche, location, contact availability) are sent to our AI provider for analysis. Your personal account information (email, password, payment details) is never shared with AI providers.
Account Deletion
You can delete your account and all associated data at any time from your account settings.
Subprocessors
Reapify works with a limited set of infrastructure and AI subprocessors. All subprocessors are covered under contractual data protection agreements. A current list of subprocessors is available upon request at [email protected].
Responsible Disclosure
If you discover a security vulnerability, please report it to [email protected]. We take all reports seriously and will respond within 48 hours.