Security

How we protect your content, credentials, and data.

Infrastructure

Hosted on Vercel + Convex (SOC 2 Type II). All traffic over TLS 1.3. Secrets stored in Google Cloud Secret Manager. Daily encrypted backups.

Authentication

Clerk handles auth with support for email/password, magic links, Google, and MFA. Session tokens are short-lived JWTs signed with rotating keys.

Social account connections

OAuth tokens for connected social accounts are stored encrypted in Zernio's infrastructure. We never see or store your platform passwords — connections are revocable from your account or from each platform directly.

Webhooks

Incoming webhooks (Clerk, Zernio) verify HMAC-SHA256 signatures on every request. Outgoing integrations use scoped API keys.

Report a vulnerability

Email security@flayr.social with details. We'll respond within 48 hours and credit researchers in our disclosure list (with permission).