Security

Last updated: April 21, 2026 · Pilot-stage draft. SOC 2 Type I audit is planned for 2026.

Data in transit

All customer-facing endpoints are served over TLS 1.3 at the Cloudflare edge. HTTP is redirected to HTTPS before requests reach the application.

Data at rest

Production customer and venue data lives in managed Postgres with encryption at rest. Development sandboxes are isolated and are not part of the production serving path.

Authentication

  • Passwords hashed with bcrypt (cost factor 10).
  • Sessions use signed JWTs delivered in secure, HttpOnly cookies with a 7-day expiry and environment-scoped secrets.
  • CORS restricted to an environment-scoped allowlist in production.
  • Per-IP rate limits cover auth, public capture, public scan, newsletter, lead, and key owner/admin mutation endpoints.
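The session item above describes signed JWTs in Secure, HttpOnly cookies with a 7-day expiry and per-environment secrets. The following is an added example written for this page, not Loyalty Chips' own code: it issues and verifies an HS256 token with the Python standard library and builds the matching Set-Cookie header. The cookie name "session", the SameSite=Lax choice and the use of HS256 are assumptions; the page does not state them.

```python
import base64
import hashlib
import hmac
import json
import time
from http.cookies import SimpleCookie
from typing import Optional

# Assumptions (added example, not the service's code): HS256, a cookie named
# "session", SameSite=Lax. The 7-day lifetime is taken from the page.
SESSION_TTL_SECONDS = 7 * 24 * 60 * 60
COOKIE_NAME = "session"


def _b64url(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()


def _b64url_decode(s: str) -> bytes:
    return base64.urlsafe_b64decode(s + "=" * (-len(s) % 4))


def issue_session_jwt(user_id: str, secret: bytes, now: int) -> str:
    """Build header.payload.signature with an exp claim 7 days out."""
    header = {"alg": "HS256", "typ": "JWT"}
    payload = {"sub": user_id, "iat": now, "exp": now + SESSION_TTL_SECONDS}
    signing_input = ".".join(
        _b64url(json.dumps(part, separators=(",", ":")).encode())
        for part in (header, payload)
    )
    sig = hmac.new(secret, signing_input.encode(), hashlib.sha256).digest()
    return f"{signing_input}.{_b64url(sig)}"


def verify_session_jwt(token: str, secret: bytes, now: int) -> Optional[dict]:
    """Return the payload if the signature and expiry check out, else None."""
    try:
        h, p, s = token.split(".")
        header = json.loads(_b64url_decode(h))
    except (ValueError, UnicodeDecodeError):
        return None
    # Pin the algorithm server-side; the token's own alg field is untrusted.
    if header.get("alg") != "HS256":
        return None
    expected = hmac.new(secret, f"{h}.{p}".encode(), hashlib.sha256).digest()
    # Constant-time comparison so signature checks do not leak timing.
    if not hmac.compare_digest(expected, _b64url_decode(s)):
        return None
    payload = json.loads(_b64url_decode(p))
    if not isinstance(payload.get("exp"), int) or payload["exp"] <= now:
        return None
    return payload


def session_set_cookie_header(token: str) -> str:
    """Set-Cookie value: Secure + HttpOnly so scripts and plain HTTP never see it."""
    c = SimpleCookie()
    c[COOKIE_NAME] = token
    c[COOKIE_NAME]["secure"] = True
    c[COOKIE_NAME]["httponly"] = True
    c[COOKIE_NAME]["samesite"] = "Lax"
    c[COOKIE_NAME]["max-age"] = SESSION_TTL_SECONDS
    c[COOKIE_NAME]["path"] = "/"
    return c.output(header="").strip()


if __name__ == "__main__":
    # Constructed per-environment secrets; real ones come from a secret store.
    prod_secret, staging_secret = b"constructed-prod-secret", b"constructed-staging-secret"
    now = int(time.time())
    tok = issue_session_jwt("owner-123", prod_secret, now)
    print(session_set_cookie_header(tok))
    print("prod verifies:", verify_session_jwt(tok, prod_secret, now) is not None)
    print("staging rejects:", verify_session_jwt(tok, staging_secret, now) is None)
```

Because the secret is scoped per environment, a token minted in staging fails verification in production, which is the practical effect of "environment-scoped secrets" in the list above.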

Privacy hygiene

Public scan endpoints log a salted, truncated SHA-256 of the client IP; raw IPs are never persisted. Admin impersonation is visibly flagged inside the owner workspace so staff do not mistake it for a first-party owner session.
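The salted, truncated hash described above is the kind of pseudonymization that lets rate-limit and abuse analysis correlate scans without storing an address. The following is an added example, not Loyalty Chips' code: it canonicalizes the address, hashes it with a secret salt, truncates the hex digest, and builds a log line that never contains the raw IP. The environment variable name, the 16-hex-character (64-bit) truncation and the sample IPs are all constructed assumptions; the page does not state them. The salt matters because the IPv4 space is only 2^32 addresses, so an unsalted hash could be reversed by exhaustive enumeration.

```python
import hashlib
import ipaddress
import os

# Assumptions (added example, not the service's code): salt from an env var,
# 16 hex chars (64 bits) kept. The page only states "truncated" and "salt".
TRUNCATED_HEX_LEN = 16


def load_salt() -> bytes:
    """Secret salt; the fallback is a constructed value for offline runs only."""
    return os.environ.get("SCAN_LOG_IP_SALT", "constructed-demo-salt").encode()


def canonical_ip(raw_ip: str) -> str:
    """Normalize so textual variants of one address produce one token.

    "::ffff:203.0.113.9" and "203.0.113.9" map to the same string, and input
    that is not an IP address raises ValueError instead of being logged.
    """
    ip = ipaddress.ip_address(raw_ip.strip())
    mapped = getattr(ip, "ipv4_mapped", None)  # only IPv6Address has this
    return str(mapped or ip)


def pseudonymize_ip(raw_ip: str, salt: bytes) -> str:
    """Salted SHA-256 of the canonical IP, truncated to TRUNCATED_HEX_LEN hex chars."""
    digest = hashlib.sha256(salt + b"|" + canonical_ip(raw_ip).encode()).hexdigest()
    return digest[:TRUNCATED_HEX_LEN]


def scan_log_line(raw_ip: str, chip_id: str, salt: bytes) -> str:
    """Log line for a public scan; the raw address is deliberately not included."""
    return f"scan chip={chip_id} ip_token={pseudonymize_ip(raw_ip, salt)}"


if __name__ == "__main__":
    salt = load_salt()
    # Constructed sample requests (documentation-range addresses).
    for ip in ("203.0.113.9", "::ffff:203.0.113.9", "2001:db8::1"):
        print(scan_log_line(ip, "chip-0001", salt))
```

Rotating the salt breaks correlation across the rotation boundary, which is acceptable here because the token only needs to be stable for the window over which scan abuse is analyzed.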

Reporting a vulnerability

Please email security@loyaltychips.com. We acknowledge reports within 3 business days.