Security
Security
Last updated: February 15, 2025
At Rhappsody, LLC, we take the security of your apps and data seriously. This page outlines the measures we take to keep your information safe.
Your Data is Protected
Encryption Everywhere
- In Transit: All data between your browser and our servers is encrypted using TLS 1.3
- At Rest: Your apps and data are encrypted when stored on our servers
- Passwords: User passwords are hashed using industry-standard bcrypt - even we can’t see them
Infrastructure Security
- Global CDN: Apps are distributed across secure edge locations worldwide
- DDoS Protection: Built-in protection against distributed denial-of-service attacks
- Isolated Execution: Each app runs in its own secure sandbox environment
- Regular Updates: Our infrastructure is continuously updated with the latest security patches
Privacy by Design
We Don’t Track You
- No cookies for tracking
- No analytics that identify you
- No selling or sharing of your data
- No advertising networks
You Control Your Data
- Export your apps anytime
- Delete your data permanently
- Choose who can access your apps
- Full transparency about what we store
App Security Features
For Free Plans
- Public apps with read-only access
- Secure hosting on our infrastructure
- Automatic HTTPS for all apps
For Paid Plans
- User Authentication: Password-protect any part of your app
- Access Controls: Define who can view, edit, or delete content
- Private Apps: Keep apps completely private to authorized users
- Secure Sessions: Automatic timeout and secure session management
Development Security
Secure by Default
- Input validation built into all actions
- Protection against common vulnerabilities (XSS, injection attacks)
- Automatic output encoding
- Content Security Policy headers
Code Protection
- Your Rhyme source code is compiled to bytecode
- Original source is never exposed to end users
- Secure compilation process
- Protected intellectual property
Compliance & Standards
Industry Standards
- SOC 2 Type II (in progress)
- GDPR Compliant: Full compliance with EU privacy regulations
- CCPA Compliant: California Consumer Privacy Act compliance
- HIPAA: Available for Enterprise customers
Regular Audits
- Third-party security assessments
- Penetration testing
- Vulnerability scanning
- Continuous monitoring
Incident Response
If Something Happens
- Immediate Response: Our team is alerted instantly
- Quick Action: Issues are isolated and resolved
- Full Transparency: Affected users are notified promptly
- Post-Mortem: We learn and improve from every incident
Security Updates
- Critical updates applied immediately
- Regular maintenance windows for non-critical updates
- No downtime for security patches
- Automatic updates for all apps
Best Practices for Users
Keep Your Account Safe
- Use a strong, unique password
- Enable two-factor authentication (coming soon)
- Don’t share your login credentials
- Log out from shared computers
Secure App Development
- Use our built-in authentication for sensitive content
- Validate user inputs using our actions
- Keep your API keys secure (use environment variables)
- Regular backups (automatic for paid plans)
Reporting Security Issues
Found a security vulnerability? We appreciate responsible disclosure.
How to Report
- Email: [email protected]
- Response Time: Within 24 hours
- Rewards: Security researchers may be eligible for recognition
What to Include
- Description of the vulnerability
- Steps to reproduce
- Potential impact
- Your contact information
Our Security Promise
We promise to:
- Keep your data secure and private
- Be transparent about our security practices
- Respond quickly to security concerns
- Continuously improve our security measures
- Never compromise your privacy for profit
Questions?
Have security questions or concerns?
- Email: [email protected]
- General Support: [email protected]
Your security is our priority. We’re here to help you build and deploy apps with confidence.