Security Policy

1. Our Security Commitment

At Green Tape Company, we take the security of your personal and payment information seriously. We implement industry-standard security measures to protect your data from unauthorized access, disclosure, alteration, and destruction.

2. Data Encryption

All data transmitted between your browser and our servers is encrypted using TLS (Transport Layer Security). We use HTTPS for all communications to ensure your information remains private and secure.

3. Payment Security

We use Stripe for payment processing. Stripe is a PCI-DSS Level 1 certified payment processor, the highest level of certification available. Your payment card information is never stored on our servers. It is securely handled directly by Stripe.

4. Authentication & Access Control

We protect your account through:

• Passwordless sign-in with secure, single-use magic links (no passwords to steal or reuse)
• Sign-in links sent only to your verified email address
• Secure session management with automatic timeout
• Row-level security for database access control

5. Infrastructure Security

Our application is hosted on Vercel with automatic security updates and DDoS protection. Our database is hosted on Supabase with encrypted storage, automated backups, and isolated network access.

6. Security Best Practices for Users

We recommend you:

• Keep access to your email account secure, since your sign-in links are sent there
• Do not share your sign-in links with others
• Log out when using shared or public computers
• Keep your browser and operating system updated
• Be cautious of phishing emails pretending to be from us

7. Reporting Security Issues

If you discover a security vulnerability or have concerns about our security practices, please contact us immediately at security@greentapecompany.com

We take all security reports seriously and will respond promptly to investigate and address any issues.