In addition to our ongoing bug bounty program, we conduct rigorous annual penetration tests with world-class independent security consulting firms.
We save daily encrypted backups for 30 days to ensure your data is safe and secure, and store them redundantly across multiple availability zones. We use third-party monitoring services to track Affinity's availability and have engineers on-call to rapidly investigate and address any outages.
Any access to customer data in cases when customers need our assistance is exhaustively logged and regularly audited. No data is accessed unless we cannot provide support to our customers without doing so.
If you believe you’ve discovered a bug in Affinity’s security, please get in touch at firstname.lastname@example.org. Our security team promptly investigates all reported issues.