TRUST & SECURITY

How we protect your data

BindLedger handles sensitive security evidence. We take that responsibility seriously. Here's how we protect the data you share with us.

Data Handling

Scan Inputs

We query public DNS, certificate, and service data. No credentials required. No agents installed.

Uploaded Documents

Carrier questionnaires and evidence files are processed for parsing and mapping. Files are stored encrypted at rest and transmitted over TLS.

Evidence Packets

Generated packets contain only the data you choose to include. Shareable links are token-gated and expire.

Infrastructure

Hosted on Vercel (application) and Supabase (database and storage). All data encrypted at rest (AES-256) and in transit (TLS 1.2+).

Access Controls

Authentication via Clerk. Role-based access within teams. API endpoints require valid session tokens.

Read-Only Verification

Our scan operates in read-only mode. We do not modify DNS records, email configurations, or any aspect of your infrastructure. We observe — we do not touch.

Responsible Disclosure

Found a security issue? Contact security@bindledger.com. We appreciate responsible disclosure and will respond within 48 hours. See our security.txt.

Privacy & Terms

See our privacy policy for full details on data handling and user rights. See our terms of service for the complete terms of using BindLedger.