
Security

Last updated: June 2026

Data encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256. We never store passwords — only secure session tokens via Better Auth.

Authentication

Frantiko uses passwordless authentication with email OTP and OAuth (Google, GitHub). Sessions expire automatically and support device-level revocation.

Infrastructure

Hosted on Vercel with Neon Postgres. Infrastructure is isolated per environment, and database access is restricted to application servers only.

Responsible disclosure

Found a security vulnerability? Please report it to security@frantiko.com. We will acknowledge receipt within 24 hours and provide a resolution timeline.

Compliance

We follow GDPR principles for all user data. You may request data export or deletion at any time via our contact page.

Questions? Contact our security team.