The security of your health data is our top priority. Here are the security layers that keep you safe.
All health data is encrypted in transit with TLS 1.3 and at rest with AES-256 encryption.
Full compliance with Turkish KVKK and EU GDPR regulations. You have the right to download and delete your data.
Secure session management with Supabase Auth. Google and Facebook OAuth and email verification are supported.
Hosted on Vercel with a Supabase PostgreSQL database. DDoS protection and automatic backups.
Every API endpoint requires authentication. Rate limiting (10 requests/minute) is enforced.
Only necessary data is collected. Health data is stored in encrypted columns. Maximum 2-year retention.
All user inputs are sanitized. Protection against XSS, SQL injection, and other OWASP threats.
Real-time error monitoring and performance tracking with Sentry. Security events reported instantly.
Found a security vulnerability? Please report it to us.
security@doctopal.com