Security

How we protect your community's data.

Encrypted in transit and at rest

All data is transmitted over TLS 1.2+. Database connections require SSL. Neon encrypts data at rest.

Minimal data footprint

We store only what is necessary: membership identifiers, activity timestamps, payment outcomes, and churn scores. No passwords, no payment card data.

Webhook signature verification

Every Whop webhook is verified using HMAC-SHA256 signature validation before any data is written or action is taken.

Automatic scoring isolation

Scoring runs as an isolated cron job with no user-facing attack surface. Admin endpoints require a separate secret token.

Infrastructure

  • Application hosted on Vercel (edge-enabled, auto-scaling)
  • Database: Neon PostgreSQL, EU region (eu-central-1)
  • No long-lived server processes — serverless functions only
  • Environment variables managed via Vercel; never committed to source

Access control

The RetentionOS dashboard is scoped to the Whop company that installed the app via Whop's iframe context. One company cannot access another's data. Admin-only endpoints (e.g. model training) require a separate ADMIN_TOKEN header that is never exposed to the client.

Responsible disclosure

If you discover a security vulnerability, please report it to security@retentionos.app before disclosing publicly. We will acknowledge your report within 48 hours.