We use cookies to support core functionality and improve the experience. Essential cookies are required for basic features. Analytics cookies help us understand usage patterns.
Learn more in our Privacy Policy and Cookie Policy
Defense in Depth.
We take data security seriously.
Standards
Reasonable Practices
We prioritize the security of your data by using hosted infrastructure and taking steps to protect it. Security is an ongoing process and no system is perfect.
We may update this Policy from time to time. When we do, we will revise the "Last Updated" date at the top of this page.
Transit: Data is encrypted via TLS (SSL) during transmission where available.
Rest: The database is configured with safeguards at rest.
Authentication is handled by the service. We do not store raw passwords.
Optional but recommended: Enable 2FA for an extra layer of account protection. We support TOTP authenticator apps (Google Authenticator, Authy, 1Password), email-based OTP codes, and encrypted backup codes for account recovery. 2FA secrets are encrypted at rest where supported.
Access to production data is restricted to authorized personnel and limited by role. We aim to keep access minimal and logged.
Our hosting providers handle physical security of the underlying hardware.
We review performance and reliability signals to improve the Service.
We investigate security events, take corrective action, and communicate updates as appropriate.
If you provide your own AI API key, we use it to fulfill your requests. Keys are stored with encryption where supported and used only for your actions.
You are responsible for maintaining the confidentiality of your credentials. Use a strong, unique password.
Security Contact • security@oplinque.com
Report Vulnerabilities: security@oplinque.com