Products
Cell Pulse Cell Defender
Resources
Security & Trust Learning Hub Compare vs Stripe Evaluation Template
Pricing Docs
Book a Demo
Security & Trust

Your payment data, protected.

We take the security of your Stripe data seriously. Here's how we keep it safe.

Read-Only Access

We connect to your Stripe account via official OAuth with read-only permissions. We cannot modify your account, process payments, issue refunds, or access card numbers. You can revoke access at any time from your Stripe Dashboard.

Infrastructure Security

  • Hosted on Vercel (SOC 2 compliant infrastructure)
  • Database on Supabase (SOC 2 Type II certified, PostgreSQL)
  • All data encrypted at rest (AES-256) and in transit (TLS 1.2+)
  • Automatic backups with point-in-time recovery

Data Isolation

  • Row-level security (RLS) enforced at the database level — each merchant can only access their own data
  • Admin operations (webhook processing, scheduled jobs) use isolated service accounts with scoped permissions
  • No shared data between merchant accounts, ever

Authentication

  • Secure authentication via Supabase Auth
  • Passwords are never stored in plaintext — bcrypt hashed with salt
  • Session tokens expire automatically
  • Rate limiting on authentication endpoints

PCI Compliance

We never store, process, or transmit cardholder data. All payment data flows through Stripe, which is PCI DSS Level 1 certified — the highest level of compliance. Your customers' card data never touches our servers.

Compliance Roadmap

We are actively pursuing SOC 2 Type II certification to provide independently audited assurance of our security controls. Our infrastructure providers (Vercel, Supabase) already maintain SOC 2 compliance.

Responsible Disclosure

Found a security issue? We appreciate responsible disclosure. Contact us and we'll respond within 48 hours.

[email protected]

Ready to see Cell Pulse in action?

Book a demo and see how we monitor your Stripe payments in real time.

Book a Demo → View pricing