Data Security

Encryption

All data transmitted between your browser and LinkedLoop is encrypted using TLS 1.3. Data at rest is encrypted using AES-256 encryption. API keys and sensitive credentials are stored using industry-standard secret management practices and are never exposed to the client.

Access Controls

Access to user data is restricted to authorised personnel only. We use role-based access controls, multi-factor authentication for administrative access, and audit logging for all data access events. Third-party service integrations use scoped API tokens with minimal required permissions.

Data Retention

Your post content submitted for analysis is processed in real-time and not stored beyond the session unless you explicitly save it to your history. Account data is retained while your account is active. Upon account deletion, all personal data is permanently removed within 30 days.

Infrastructure

LinkedLoop is hosted on AWS with data centres that maintain SOC 2 Type II and ISO 27001 certifications. We use automated security scanning, dependency vulnerability monitoring, and regular security reviews to maintain a strong security posture.

Incident Response

In the event of a security incident, we will notify affected users within 72 hours as required by applicable regulations. Our incident response plan includes containment, investigation, remediation, and transparent communication.