Security

Last Update: 10/10/2021

We pledge to keep your data secure, follow security best practices, and never sell or share your data with any third party.

Annual third party audit

We use a reputable third party vendor to perform a yearly security audit. The audit includes application penetration testing (for the extension), external penetration testing (for the cloud infrastructure) as well as a comprehensive review of our cloud setup, security protocols and security measures that we have in place. Feel free to reach out to inquire about the details of the audit.

Deleting account and removing all data

We hate to see our users go. You can remove all your data from Bardeen with a few clicks from the settings page. Learn more here.

Encryption and other information

  • Bardeen uses TLS 1.2 for securing in-transit data as well 256-bit AES encryption at rest on our cloud infrastructure.
  • Infrastructure as code: all our infrastructure services are deployed using declarative configuration, all changes are versioned and stored.
  • All code changes undergo a peer-review.
  • The code is automatically scanned for known security vulnerabilities and patches are applied in a timely manner.

Security contact

Please send any security related information or inquiries (including vulnerability disclosures) to security@dev.me