Last Updated: April 30, 2026
At Lownoise Photo Sites, we take security seriously. This page outlines the measures we implement to protect your data and ensure the safety of our platform.
Infrastructure Security
Hosting & Infrastructure
Lownoise Photo Sites is hosted on enterprise-grade infrastructure:
- Vercel: Edge network with automatic HTTPS, DDoS protection, and global CDN
- Supabase: SOC 2 Type II compliant database with automatic backups and point-in-time recovery
- AWS: Infrastructure built on Amazon Web Services with 99.99% uptime SLA
Encryption
All data is encrypted in transit and at rest:
- In Transit: TLS 1.3 encryption for all connections to Lownoise Photo Sites
- At Rest: AES-256 encryption for all database storage
- Passwords: Hashed using bcrypt with individual salts
Application Security
Authentication
- Secure password requirements (minimum 8 characters)
- Email verification for new accounts
- Session-based authentication with automatic timeout
- Password reset via secure email link
Access Controls
- Row-level security (RLS) in database to prevent unauthorized data access
- Role-based permissions for team members
- API authentication for all requests
- User-specific data isolation (you can only access your own data)
Input Validation
- All user inputs are validated and sanitized
- Protection against SQL injection, XSS, and CSRF attacks
- Rate limiting to prevent abuse and brute force attempts
Payment Security
Payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor:
- Lownoise Photo Sites never stores your credit card information
- All payment data is encrypted and processed securely by Stripe
- Stripe is compliant with PCI DSS, SOC 2, and ISO 27001 standards
Data Backup & Recovery
- Automated daily backups of all data
- Point-in-time recovery up to 30 days
- Geographically distributed backup storage for redundancy
- Regular disaster recovery testing
Monitoring & Incident Response
Continuous Monitoring
- 24/7 automated monitoring for security threats and anomalies
- Real-time alerts for suspicious activity
- Regular security audits and vulnerability scanning
- Application and infrastructure logging
Incident Response
In the event of a security incident:
- We will investigate and contain the incident immediately
- Affected users will be notified within 72 hours
- We will provide transparency about the incident and remediation steps
- Post-incident reviews are conducted to prevent recurrence
Third-Party Security
We carefully vet all third-party services and ensure they meet our security standards:
- Supabase: SOC 2 Type II, ISO 27001, HIPAA compliant
- Stripe: PCI DSS Level 1, SOC 2, ISO 27001 certified
- Vercel: SOC 2 Type II compliant
- Anthropic: Enterprise-grade AI with data privacy commitments
Compliance
Lownoise Photo Sites is designed to help you maintain compliance with:
- GDPR: European data protection regulation
- CCPA: California Consumer Privacy Act
- SOC 2: Infrastructure partners maintain SOC 2 Type II certification
Your Responsibilities
Security is a shared responsibility. You can help protect your account by:
- Using a strong, unique password for your Lownoise Photo Sites account
- Keeping your password confidential and not sharing it with others
- Logging out when using shared or public computers
- Reporting any suspicious activity immediately to hello@lownoise.studio
- Keeping your contact information up to date
Vulnerability Disclosure
If you discover a security vulnerability in Lownoise Photo Sites, please report it responsibly:
- Email us at hello@lownoise.studio with details of the vulnerability
- Allow us reasonable time to investigate and address the issue
- Do not publicly disclose the vulnerability until we have resolved it
We appreciate responsible disclosure and will work with you to understand and resolve any security concerns.
Security Updates
We continuously improve our security practices. This page is updated regularly to reflect our current security measures. For security-related inquiries, contact us at hello@lownoise.studio.
Contact
For security questions or to report a vulnerability:
Email: hello@lownoise.studio
Address: Brownsville, Texas
Last updated: April 30, 2026