Last Updated: April 1, 2023

Get Report LLC (“Get Report”, “we”, “us”, or “our”) is committed to protecting your security. This Security Policy explains how we protect the application. Please read this Security Policy carefully. By using our Site, you acknowledge and agree to the terms of this Security Policy.

1. Chat History

1.1 Storage Security and Encryption

All chat history is stored on secure servers with restricted access. Data is encrypted both at rest and in transit. Regular data backups and redundancy measures are implemented.

1.2 Data Obfuscation

Any sensitive data is automatically obfuscated at the client-level. Encryption and security measures obscure sensitive information from unintended viewers.

2. Credentials and Access Management

2.1 No User Credentials

Get Report implements a Continuous Integration process that eliminates the need for user credentials. Team members are granted access internally without the use of traditional login information.

2.2 CTO-Only Access

Access to sensitive credentials is restricted to the CTO. These credentials are encrypted and stored as environment variables within the Digital Ocean infrastructure.

3. Source Code Management

3.1 Pull Request Mechanism

Get Report uses a strict Pull Request mechanism to ensure code is reviewed, secure, and properly vetted. This process prevents insecure or untested code from being deployed to instances.

3.2 Mandatory Code Reviews

All submitted code must undergo thorough code reviews by designated team members. Approvals from code reviewers are required before changes can be merged.

3.3 Security Auditing

Regular security audits are conducted on Get Report’s source code. Vulnerabilities and potential threats are assessed, mitigated, and documented.