← Back to Suriya

Security

Your business data and your customers' data are handled with care.

HTTPS everywhere

All data in transit is encrypted via TLS 1.2+. HTTP connections are automatically redirected to HTTPS.

Encrypted at rest

Customer data, payment records, and account information are encrypted at rest in our database.

No stored card data

We don't store credit card numbers. All payment processing is handled by PCI-compliant payment providers.

Access controls

Each Suriya account is isolated. Your customer data is accessible only to you and your authorized team members.

Auth security

Accounts are protected with secure session tokens and optional two-factor authentication.

Vulnerability disclosure

Found a security issue? Email security@suriya.ai — we aim to respond within 48 hours.

Report a vulnerability

If you've discovered a security issue, please report it to security@suriya.ai before disclosing publicly. We'll acknowledge your report within 48 hours.