Keeping our customers' data protected at all times is our highest priority. This security overview provides a high-level overview of the security practices put in place to achieve that objective. Have questions or feedback? Feel free to reach out to us at security@textrazor.com.
- User "text" provided as part of the TextRazor analysis API call is never stored on disk on any of our machines. We do not maintain logs containing your text, and do not use your documents to train our algorithms.
- The TextRazor API offers an SSL endpoint for secure communication between your software and our servers.
- Communication between TextRazor backend services is performed through encrypted SSL connections.
- User account passwords are safely stored encrypted with the bcrypt one-way hashing algorithm.
- User payment details (including Credit Cards) are stored securely with our payment processors, stripe.com. Your card details are never sent or stored on TextRazor's servers, Stripe is certified as a PCI Level 1 Service Provider.
- We’re compliant with the General Data Protection Regulation (GDPR). The purpose of GDPR is to protect the private information of EU citizens and give them more control over their personal data. You can find our Data Processing Terms at http://www.textrazor.com/terms
- All of our services run in the cloud. The TextRazor API is built on Amazon Web Services, OVH, and Hetzner. All of our hosting partners provide strong security measures to protect our infrastructure and are compliant with most certifications.
- TextRazor's infrastructure is highly available and geographically distributed, with 24/7 on call monitoring support.
- We back up all our critical assets and regularly attempt to restore the backup to guarantee a fast recovery in case of disaster. All our backups are encrypted.
Report a Potential Vulnerability
If you have discovered a potential vulnerability in any of the TextRazor services or website please notify us immediately through email at security@textrazor.com. We will immediately acknowledge receipt of your email and start working to fix the issue right away.
When reporting security issues, please be sure to include as much information as possible in your email. If possible this could include: A proof of concept demonstrating the issue, steps taken to reproduce the issue, and potential impact of the issue.
