Trust & Security
Your data security is our top priority. Here's how we protect your store and customers.
Security Practices
Five layers of protection
Encryption in Transit
All data transmitted between your store and PerkStack is encrypted using TLS 1.3. No exceptions.
Encryption at Rest
Customer data is encrypted at rest using AES-256 encryption in our database infrastructure.
GDPR Compliant
We comply with GDPR, CCPA, and other privacy regulations. Data processing agreements available on request.
Data Isolation
Each merchant’s data is logically isolated. No cross-store data access is possible.
Regular Audits
We conduct regular security reviews and dependency audits to identify and address vulnerabilities.
Data Handling
Transparent by design
Full transparency about how your data is collected, stored, and accessed.
Collect
Only what’s needed: customer emails for loyalty, review content, and referral tracking. We never sell or share your data.
Retain
As long as your account is active. After closure, all data is permanently deleted within 30 days.
Access
Only PerkStack team members who need it for support, with full audit logging enabled.
Have security questions?
Our team is happy to answer any questions about data handling, compliance, or security practices.
Contact our security team