Security at LightningSync
We treat your data with the highest level of security. Here is how we protect your information.
Encryption
All sensitive data is encrypted at rest and in transit.
- •AES-256-GCM encryption for credentials
- •TLS 1.2+ for all network traffic
- •Supabase Vault for secret management
Database Security
Your data lives in your Supabase database, protected by Row Level Security (RLS).
- •Rigorous RLS policies for access control
- •Isolated schemas for customer data
- •Regular automated backups
Infrastructure
Hosted on enterprise-grade infrastructure.
- •Hosted on AWS via Supabase
- •DDoS protection via Cloudflare
- •Vercel for frontend edge deployment
Our Practices
Minimal data access policy.
- •We do not store your ad data, only sync it
- •No third-party tracking on our dashboard
- •Employees have no access to customer data
Compliance & Trust
We are compliant with GDPR and CCPA regulations. We use official APIs from Meta, Google, TikTok, and Square, strictly adhering to their developer policies and data usage terms.
Read our Privacy Policy →Have a security concern? Contact the founder at hello@lightningsync.dev