How We Protect Your Presentations and Data

Security is fundamental to our platform. Your presentations contain proprietary information, and we take protecting them seriously.

Data Encryption

In Transit

  • All connections use TLS 1.3 encryption
  • HTTPS enforced for all web traffic
  • Encrypted connections to database and storage

At Rest

  • AES-256 encryption for all stored files
  • Encrypted database storage
  • Encrypted backups

Access Control

Authentication

  • Strong password requirements
  • bcrypt hashing for password storage
  • Optional multi-factor authentication
  • Account lockout after failed attempts

Authorization

  • Role-based permissions system
  • Separate user data isolation
  • Team permission controls

Infrastructure Security

  • Virtual private cloud (VPC) architecture
  • Web application firewall (WAF)
  • DDoS protection
  • Regular security updates
  • 24/7 system monitoring

Monitoring & Response

  • Real-time security alerts
  • Intrusion detection
  • Automated threat response
  • Incident logging and analysis

Compliance

Current

  • • GDPR compliant (EU data protection)
  • • CCPA compliant (California privacy)
  • • WCAG 2.1 Level AA (accessibility)

In Progress

  • • SOC 2 Type I certification
  • • SOC 2 Type II (within 12 months)

Responsible Disclosure

Found a security vulnerability? We appreciate responsible disclosure:

  • Email security reports to security@slideflow.app
  • Don't exploit or share vulnerabilities publicly
  • Allow reasonable time for us to address the issue
  • We acknowledge and credit security researchers (with permission)
    Security | SlideFlow - How We Protect Your Data