Security
Information about how we protect your data at Sodapp.
Encrypted Connections
All communications between your browser/app and our servers are encrypted with HTTPS.
Google Cloud Infrastructure
Our platform is hosted on Google Cloud Platform, which holds recognized security certifications.
Secure Authentication
Passwords are stored securely and sessions expire automatically.
Restricted Access
Each user can only access the data of their own account.
Our Infrastructure
Sodapp is hosted on Google Cloud Platform (GCP). Google Cloud holds security certifications such as SOC 1/2/3 and ISO 27001, although these certifications correspond to Google, not to Sodapp directly.
We use Google Cloud Run to run our application and Cloud SQL for the database, with automatic backups enabled.
Measures We Implement
- Mandatory HTTPS on all connections
- Hashed passwords (we do not store passwords in plain text)
- Session tokens with automatic expiration
- Input data validation
- Data access segregated per user
WhatsApp Data
WhatsApp messages are processed to extract order information. We use Meta's official WhatsApp Business API and comply with its usage policies.
Limitations
We want to be transparent: no system is 100% secure. We do our best to protect your information, but we cannot guarantee absolute security.
We recommend that you:
- Use strong and unique passwords
- Do not share your access credentials
- Log out on shared devices
- Let us know if you detect suspicious activity
Reporting Security Issues
If you discover a vulnerability or have security questions, contact us through our form indicating "Security" in the message.