Security
How we protect your data and privacy.
Encryption
All data in transit is encrypted using TLS 1.3. All data at rest in our databases is encrypted using industry-standard algorithms.
Your passwords are never stored. We don't have them, so we can't lose them.
Limited Permissions
ScamBrake only requests minimal permissions needed to function:
- Read visible text on Gmail, Messenger, WhatsApp Web
- Store settings and preferences locally
We don't request access to your entire browsing history, downloads, or tabs you haven't opened.
Infrastructure
Our infrastructure is hosted on industry-leading providers with:
- 99.9% uptime SLAs
- Redundant backups
- DDoS protection
- Regular security audits
Security Audits
We conduct regular security audits and penetration testing. Our code is reviewed for vulnerabilities and updated promptly when issues are found.
Report a Vulnerability
Found a security issue? We take it seriously. Report it responsibly:
- Email: security@scambrake.com
- Please include steps to reproduce and any proof-of-concept
- We'll acknowledge receipt within 48 hours
- We'll keep you updated on our progress
We follow responsible disclosure practices. Please give us reasonable time to fix issues before public disclosure.
Compliance
We comply with applicable data protection laws including GDPR, CCPA, and others. If you have questions about compliance, contact privacy@scambrake.com.
Bottom line: We're not a bank, but we treat your privacy with the same care they would. Security is fundamental to what we do.