Security at AImpact

• Encryption in Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.2+
• Encryption at Rest: All stored data is encrypted using AES-256 encryption
• Database Encryption: Our databases use industry-standard encryption for all stored information

• Clerk Authentication: We use Clerk for secure user authentication with multi-factor authentication support
• Role-Based Access: User permissions are managed through role-based access control (RBAC)
• Session Management: Automatic session timeout and secure session handling
• Password Requirements: Strong password policies enforced for all accounts

• Cloud Hosting: Hosted on secure cloud infrastructure with enterprise-grade security
• Firewall Protection: Network firewalls and DDoS protection
• Regular Updates: Operating systems and dependencies kept up-to-date with security patches
• Backup & Recovery: Automated daily backups with disaster recovery procedures

• 24/7 Monitoring: Continuous security monitoring and anomaly detection
• Audit Logs: Comprehensive logging of all system activities and access attempts
• Security Audits: Regular security assessments and vulnerability scans
• Incident Response: Documented procedures for handling security incidents

• PCI Compliance: We do not store credit card information; payments are processed through Stripe
• Secure Payments: All payment transactions use Stripe's secure infrastructure

While we implement robust security measures, you also play a role in protecting your account:

• Use a strong, unique password for your account
• Enable two-factor authentication when available
• Never share your login credentials with others
• Be cautious of phishing attempts and suspicious links
• Keep your contact information up to date
• Report any suspicious activity immediately