Trust & Safety
Security Standards
Last reviewed 2026
Authentication
All user accounts are secured through Discord-based identity verification. Profile access is tied to your Discord ID, ensuring that only verified community members can claim and manage a profile on the platform. Passwords are hashed using bcrypt with a cost factor of 10 — your plaintext password is never stored.
Data Encryption
All data transmitted between your browser and our servers is encrypted via TLS. Sensitive fields are handled with industry-standard encryption practices. We do not store payment information of any kind.
Session Security
Sessions are managed using sealed, tamper-proof cookies encrypted with AES-256-GCM. Sessions expire automatically after 7 days of inactivity. You can invalidate your session at any time by signing out from your dashboard.
Invite-Only Access
The platform operates on a closed, invite-only model. Each invite code is single-use and cryptographically random. This significantly reduces the attack surface by ensuring that only vetted individuals can register an account.
Privacy
Your profile settings and personal information remain private by default. We collect minimal analytics (profile views, visitor count) solely to provide you with usage insights through your dashboard. We do not sell or share your data with third parties.
Reporting Vulnerabilities
If you discover a security vulnerability, please report it responsibly via our Discord server. We take all security reports seriously and will respond promptly.