The security of your data is our highest priority at Safewill. This document outlines some of the policies, procedures and systems in place to ensure your data is protected.
All communication with Safewill's GraphQL API is encrypted using TLS, meaning data is secured with the same level of encryption used by financial institutions. This also goes for any communication between Safewill's API and third party services such as Paperplane, S3 and Mailgun.
Safewill uses Heroku's Continuous Protection service to backup data, allowing for rollbacks in the event of data loss.
Your credit card details are sent directly to our payment provider over encrypted connections and are not stored or logged on our database.
Safewill enforces the use of strong passwords through a number of requirements:
- Passwords must be a minimum of 8 characters
- Passwords must include a number or special character
- Passwords cannot contain the user's name or email address
Safewill also recommends that your password is unique for your Safewill account and updated regularly.
No plain text passwords are stored at any time.
Software libraries used by Safewill are regularly updated. Security updates from software libraries will be applied as soon as possible.