Your data security is our top priority. Learn how we protect your information.
Crezt is built with security at its core. We employ industry-standard encryption, secure authentication, and regular security audits to ensure your data remains protected at all times.
All OAuth tokens and sensitive data are encrypted using AES-256-GCM, one of the strongest encryption standards available. Your TikTok credentials are never stored in plain text.
All data in transit is encrypted using TLS 1.3. We enforce HTTPS on all connections with HSTS headers to prevent downgrade attacks.
We use TikTok's official OAuth 2.0 flow for authentication. We never see or store your TikTok password - only secure access tokens that can be revoked at any time.
Brand account passwords are hashed using bcrypt with secure work factors. Even in the unlikely event of a breach, passwords cannot be recovered.
Comprehensive rate limiting protects against brute force attacks and API abuse. Suspicious activity is automatically blocked and logged for review.
We implement comprehensive security headers including CSP, X-Frame-Options, X-Content-Type-Options, and strict Referrer-Policy to prevent common web attacks.
We are committed to protecting your privacy and complying with GDPR and other data protection regulations:
All payments are processed through Stripe, a PCI-DSS Level 1 certified payment processor. We never store, process, or have access to your full credit card details. Escrow funds are held securely and distributed according to competition rules.
If you discover a security vulnerability, please report it responsibly. We take all reports seriously and will respond promptly.
[email protected]