Security First
Security at RecallBricks
We implement industry-standard practices to protect your data and ensure the integrity of our service.
Data Protection
Encryption
- In Transit: TLS 1.3
- At Rest: AES-256
- API Keys: bcrypt hashed
Infrastructure
- Production-grade hosting
- Regular security audits
- DDoS protection
- 24/7 monitoring
Access Controls
- Row-level security
- API key authentication
- User data isolation
- Rate limiting
Authentication
- bcrypt password hashing
- JWT session management
- API key rotation
- OAuth support (coming)
Compliance
GDPR Compliant
Full data protection compliance
Data Deletion
Delete your data anytime
Data Portability
Export in standard formats
Privacy by Design
Security in every feature
See our Privacy Policy for details.
Vulnerability Disclosure
Found a security issue? We appreciate responsible disclosure.
Report Security Issues
Please include:
- Description of the vulnerability
- Steps to reproduce
- Potential impact
Our Commitment
- Respond within 48 hours
- Keep you updated on progress
- Credit you publicly (if desired)
- Fix critical issues within 7 days
Security Best Practices
For Developers Using RecallBricks
Protect Your API Keys
- Store keys in environment variables (never in code)
- Never commit keys to version control
- Use
.envfiles and add to.gitignore - Rotate keys regularly
Good - Environment variable
api_key = os.getenv('RECALLBRICKS_API_KEY')Bad - Hardcoded
api_key = 'rb_1234567890'Certifications & Audits
Infrastructure
Production-ready infrastructure with monitoring and reliability focus
Audits
Annual third-party security audits
Compliance
GDPR, CCPA ready
Questions?
We're happy to discuss our security practices in detail.
Last Updated: November 24, 2025