1. Overview
SignalGlow is designed with security as a core requirement. This page summarizes practical safeguards we apply to protect user accounts, platform data, and service availability.
2. Account and Authentication
3. Data Protection
We use transport security (TLS/HTTPS) and access controls to protect data in transit. Where storage is used, we apply least-privilege access and keep secrets out of client-side code.
Please review our Privacy Policy for details on data collection and retention.
4. Security Headers and Browser Protections
The platform is configured with baseline security headers (such as clickjacking protection, content type protections, strict referrer policy, and HSTS where applicable) to reduce common web risks.
5. Third-Party Services and Providers
SignalGlow uses third-party services for market data, hosting, and operational infrastructure. We follow a principle of minimum required access and do not embed secrets in publicly accessible code.
See Attribution & Licenses for acknowledgements.
6. Responsible Disclosure
If you believe you have found a vulnerability, please email security@signalglow.com with steps to reproduce. Please do not publicly disclose issues before we have had a reasonable opportunity to investigate and mitigate.