Security
Your store's security is our top priority. Learn how we protect your data.
Encryption at Rest
All stored data is encrypted using AES-256 encryption, the same standard used by financial institutions.
Encryption in Transit
All data transmitted between your browser and our servers is protected with TLS 1.3 encryption.
Shopify Certified
We follow Shopify's security guidelines and are approved through their rigorous app review process.
Access Controls
We only request the minimum Shopify permissions needed to provide our service.
Our Security Practices
Infrastructure Security
- Hosted on secure, SOC 2 compliant cloud infrastructure
- Regular security audits and penetration testing
- Automated vulnerability scanning
- DDoS protection and mitigation
- Redundant systems with automatic failover
Data Protection
- AES-256 encryption for data at rest
- TLS 1.3 encryption for data in transit
- Secure key management practices
- Regular encrypted backups
- Data isolation between customer accounts
Application Security
- Secure coding practices and code reviews
- OAuth 2.0 authentication with Shopify
- Input validation and sanitization
- Protection against OWASP Top 10 vulnerabilities
- Regular dependency updates and security patches
Operational Security
- Employee background checks
- Security awareness training
- Principle of least privilege access
- Audit logging and monitoring
- Incident response procedures
Compliance
We are committed to compliance with applicable data protection regulations including GDPR and CCPA. We maintain documentation of our data processing activities and can provide Data Processing Agreements upon request.
Reporting Security Issues
If you discover a security vulnerability, please report it to us at security@clyro.io. We appreciate responsible disclosure and will work with you to address any issues promptly.
Questions?
For security-related questions or concerns, please contact our security team at security@clyro.io or visit our contact page.