Security at Brixor
Your data is protected by industry-standard encryption, SOC 2 Type II certification, and rigorous security controls at every layer of our infrastructure.
Compliance & Certifications
We undergo rigorous third-party audits and maintain compliance with industry standards.
SOC 2 Type II
Annual third-party security audit verifying our controls
GDPR
EU General Data Protection Regulation compliant
CCPA
California Consumer Privacy Act compliant
PCI DSS
Payment Card Industry compliance via Stripe Level 1
Penetration Testing
Brixor undergoes annual penetration testing conducted by independent third-party security firms. Findings are triaged and remediated before results are published internally. Critical vulnerabilities are patched within 24 hours.
Automated Backups
Neon PostgreSQL performs automated continuous backups with point-in-time recovery. Backups are retained for 30 days. In the event of data loss, we can restore to any point within that window with near-zero data loss.
Incident Response
We maintain a documented incident response plan. In the event of a data breach affecting your personal data, we will notify affected users within 72 hours in compliance with GDPR and applicable US state laws.
Vulnerability Disclosure Program
If you discover a security vulnerability in Brixor, we want to know about it. Please report it responsibly and we will work with you to resolve it promptly. We do not take legal action against researchers who follow responsible disclosure.