Security at techtone.ai

At techtone.ai, we implement industry-standard security measures to protect your data and ensure the integrity of our platform.

Our infrastructure is built on trusted, enterprise-grade platforms:

• Google Cloud Platform: AI processing (Vertex AI) and cloud infrastructure
• Supabase: Database hosting with built-in security features and Row-Level Security (RLS)
• Vercel: Frontend hosting with automatic HTTPS and DDoS protection

All our infrastructure providers maintain industry certifications and compliance standards.

We implement multiple layers of access control:

• Password Security: All passwords are hashed using bcrypt with individual salts
• Row-Level Security: Database policies ensure users can only access their own data
• API Authentication: Secure service role keys and authentication tokens
• Session Management: Secure session cookies with HttpOnly and SameSite flags

We continuously monitor and improve our security posture through:

• Regular security assessments and vulnerability scanning
• Automated dependency updates to patch known vulnerabilities
• Code reviews with security best practices in mind
• Monitoring and alerting for suspicious activity

While we work hard to protect your data, security is a shared responsibility:

• Use a strong, unique password for your account
• Never share your account credentials
• Log out from shared or public devices
• Review AI-generated code before deploying to your live store
• Keep backups of your Shopify theme
• Report any security concerns to security@techtone.ai

If you discover a security vulnerability, please report it to us immediately at security@techtone.ai.

We take all security reports seriously and will investigate promptly. Please do not publicly disclose vulnerabilities until we have had a chance to address them.