▸ Trust + security

Your data. Your terms.

We hold your brand voice, your reviews, your draft creative. Here’s exactly how we treat it.

🇪🇺
EU-hosted

Hetzner Falkenstein DE primary. UK ICO registered. GDPR compliant by default.

🔐
Encrypted everywhere

TLS 1.3 in transit. Encrypted-at-rest databases. Brand profile JSON at mode 0600.

🔑
Argon2id passwords

OWASP-2024 parameters. HMAC-signed sessions. RFC 6238 TOTP 2FA optional.

🏠
Self-host option

Sovereignty Package puts everything on your hardware. We literally have no access.

🔌

Subprocessors

Third parties we share customer data with to operate the service. Listed in plain English with what they do and where they’re hosted.

  • Google Cloud (Gemini): AI generation (ad copy, images, email content, trends research). Hosted: EU + US.
  • Stripe: Subscription billing + invoices (hosted plan only). Hosted: US, EU.
  • Resend / SES: Transactional email delivery (only if SCARIF_RESEND_KEY configured). Hosted: US, EU.
  • Cloudflare: DNS + CDN edge for hosted plan. Hosted: Global.
  • Hetzner / DigitalOcean: Application hosting (hosted plan). Hosted: EU (Falkenstein DE).
  • Backblaze B2 / Cloudflare R2: Encrypted off-site backups (only if SCARIF_BACKUP_* configured). Hosted: EU + US.

Sub-processor changes are announced 30 days before they take effect via email to your notification address. Subscribe to subprocessor change notifications by emailing privacy@scarifone.com.

🔐

Security posture

  • Transport: HSTS-enforced TLS 1.2+ on every connection. Cookies are HTTP-only + Secure + SameSite=Lax.
  • Passwords: Argon2id (OWASP-2024 params). We never store or transmit cleartext passwords.
  • Session tokens: HMAC-signed, 30-day expiry, rotatable per-tenant secret.
  • 2FA: RFC 6238 TOTP available for every account (Authenticator app of choice).
  • Audit log: Every meaningful action logged per-tenant + visible to admins.
  • HTTP headers: CSP, X-Frame-Options DENY, X-Content-Type-Options nosniff, Referrer-Policy strict.
  • Rate limiting: Per-tenant on AI + sync routes — protects you from runaway costs and us from abuse.
  • Data isolation: Every tenant has its own data dir and signing secret; cross-tenant access requires session impersonation by a super-admin (logged + transparent to you).
  • Backups: Encrypted off-site nightly. Retention 30 days for hosted plan. Self-host: BYO backup strategy.
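
One way to check a response against the Transport and HTTP headers items in the list above. This is an added example, not code from the service itself; the sample headers are constructed, and reading "Referrer-Policy strict" as one of the strict-origin policies is an assumption.

```python
import re

# Constructed sample response headers (not captured from the service).
SAMPLE_HEADERS = [
    ("Strict-Transport-Security", "max-age=31536000; includeSubDomains"),
    ("Content-Security-Policy", "default-src 'self'"),
    ("X-Frame-Options", "DENY"),
    ("X-Content-Type-Options", "nosniff"),
    ("Referrer-Policy", "strict-origin-when-cross-origin"),
    ("Set-Cookie", "session=abc.def; Path=/; HttpOnly; Secure; SameSite=Lax"),
    ("Set-Cookie", "theme=dark; Path=/; SameSite=Lax"),  # flags deliberately absent
]
EXACT = {"x-frame-options": "deny", "x-content-type-options": "nosniff"}

def cookie_attrs(set_cookie):
    """Split one Set-Cookie value into (cookie name, {attribute: value})."""
    first, *rest = [p.strip() for p in set_cookie.split(";")]
    pairs = (part.partition("=") for part in rest)
    attrs = {k.strip().lower(): v.strip().lower() for k, _, v in pairs}
    return first.split("=", 1)[0], attrs

def audit(headers):
    """Return one finding per stated control the response fails to show."""
    findings, cookies, seen = [], [], {}
    for name, value in headers:
        if name.lower() == "set-cookie":
            cookies.append(value)  # Set-Cookie may repeat; keep every instance
        else:
            seen[name.lower()] = value.strip().lower()
    hsts = re.search(r"max-age=(\d+)", seen.get("strict-transport-security", ""))
    if not hsts or int(hsts.group(1)) == 0:
        findings.append("HSTS missing or max-age=0")
    if not seen.get("content-security-policy"):
        findings.append("CSP missing")
    for header, want in EXACT.items():
        if seen.get(header) != want:
            findings.append(f"{header}: expected {want}")
    # Assumption: "strict" means one of the strict-origin* policies.
    if not seen.get("referrer-policy", "").startswith("strict-origin"):
        findings.append("referrer-policy: not a strict-origin policy")
    for raw in cookies:
        name, attrs = cookie_attrs(raw)
        missing = [f for f in ("httponly", "secure") if f not in attrs]
        if attrs.get("samesite") != "lax":
            missing.append("samesite=lax")
        findings += [f"cookie {name}: missing {m}" for m in missing]
    return findings
```

An empty list from `audit` means every checked claim held for that response; it says nothing about the CSP's strength, only its presence.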

Working toward SOC 2 Type 1 — happy to share our progress checklist on request.

🇪🇺

Privacy + GDPR

  • Right to access / portability: One-click JSON export of every file we hold for your tenant via /security in the dashboard.
  • Right to erasure: One-click tenant deletion (with double confirmation) via /security. The data is gone immediately; we log the deletion request to a separate immutable log.
  • Data minimisation: We don’t collect what we don’t need. No third-party tracking pixels. No selling data, ever.
  • Data residency: Hosted plan EU primary by default. US / other regions available on Enterprise.
  • AI training: We never train models on customer data. Your brand voice and generated content stay yours.
  • Self-host: Data never leaves your hardware. We literally have no access.
🐛

Reporting a vulnerability

Found a security issue? Email security@scarifone.com with details. We acknowledge within 48h and aim to fix critical issues within 7 days. Responsible-disclosure researchers are credited (with permission) on this page once the fix is shipped.

We don’t currently run a paid bounty programme, but we’ll send a personal thank-you, credit you publicly if you’d like, and prioritise your future feedback.

📨

Contact

Last updated: 2026-04-29 · Subscribe to changes by emailing privacy@scarifone.com

Want a deeper conversation?

Have specific compliance / data-residency / DPA questions for your buyer? Tom answers them directly.
