ContentCrafter implements comprehensive security measures to protect your information and ensure the integrity of our service. Security is foundational — not an afterthought — particularly given the sensitive professional context in which our users operate.
All data transmitted between your browser and our servers uses TLS (Transport Layer Security) protocols. Connections over plain HTTP are rejected.
Persistent data in our databases is encrypted using AES-256 encryption. Encryption keys are managed separately from the data they protect.
This is our core security guarantee for AI processing. When you generate content, your inputs — including client references, technical details, and proprietary methodologies — are processed in memory and discarded immediately after generation. They are never written to persistent storage, never logged in a form that can be traced back to you, and never used to train AI models.
All AI processing uses EU-hosted endpoints only, ensuring your data never leaves European data centers.
Hashed with industry-standard algorithms and unique salts. Plain-text passwords are never stored.
Secure OAuth 2.0 with trusted providers (Google). Tokens are stored encrypted and rotated regularly.
Automatic session timeout, secure cookie flags (HttpOnly, Secure, SameSite), and CSRF protection on all state-changing operations.
ContentCrafter is GDPR-compliant from day one. We operate under the legal frameworks of GDPR Article 6 (lawful basis) and Article 28 (processor obligations). Key commitments:
If you discover a security vulnerability, please report it responsibly:
Email: security@contentcrafter.com
Response time: Within 24 hours
PGP key available upon request