1. Encryption
We use industry-standard encryption protocols to protect your data both at rest and in transit. This includes:
- SSL/TLS: All communications between your browser and our servers are encrypted via HTTPS.
- At-Rest Encryption: Sensitive data stored on our databases and cloud storage is encrypted.
- Secure Hashing: Passwords and other authentication tokens are hashed using modern, salted algorithms.
2. Authentication & Authorization
We employ robust authentication mechanisms to ensure only you can access your account:
- Multi-Factor Authentication (MFA): Optional but recommended MFA for all user accounts.
- Secure Sessions: Use of secure, HTTP-only cookies to manage user sessions.
- Role-Based Access Control (RBAC): Strict internal policies to ensure that only authorized personnel have access to restricted data.
3. Access Control
Our internal systems are protected by multiple layers of security to prevent unauthorized access:
- Private Networks: Most of our infrastructure sits behind virtual private clouds (VPCs).
- Firewalls: Active firewalls monitor and filter incoming traffic to block malicious requests.
- Managed Identities: Use of identity providers for internal system-to-system communications.
4. Continuous Monitoring
We actively monitor our platform for potential security threats and vulnerabilities:
- Automated Scanning: Regular scans for known security flaws in our codebase and dependencies.
- Log Analysis: Continuous auditing of system logs for signs of suspicious activity or unauthorized access.
- Anomaly Detection: Automated systems flag unusual patterns in data access or user behavior.
5. Incident Response
In the event of a potential security incident, we follow a strict response protocol:
- Immediate Investigation: Our security team is alerted to investigate any credible threats.
- Containment: Rapid measures to isolate and minimize the impact of any compromised systems.
- Notification: Timely communication with affected users in compliance with our Data Breach Policy.
- Post-Mortem: In-depth analysis of every incident to prevent future occurrences.
6. Third-Party Security
We only partner with third-party service providers (like Supabase, Vercel, and Cloudflare) that meet our rigorous security standards and hold industry-recognized certifications.