Security

Last updated: March 2026

We take the security of your data seriously. Here is how we protect it.

Encryption in transit

All data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher. We enforce HTTPS across the entire site and redirect any HTTP traffic automatically.

Encryption at rest

Waitlist data and any user information stored in our database is encrypted at rest using AES-256. Database backups are also encrypted.

Infrastructure

We host our services on reputable cloud infrastructure with SOC 2 Type II certification. Access to production systems is restricted by role and protected with multi-factor authentication.

Access control

Only authorised Shocase team members have access to production data, and only to the extent necessary to do their jobs. We follow the principle of least privilege across all systems.

Dependency management

We keep our software dependencies up to date and monitor for known vulnerabilities. Critical security patches are applied promptly.

Responsible disclosure

If you discover a potential security vulnerability in our site or product, please report it to us privately at tejas@shocase.studio or tanay@shocase.studio with the subject line "Security Disclosure". We will acknowledge your report within 48 hours and work with you to address it responsibly. We ask that you do not publicly disclose the issue until we have had a chance to investigate and patch it.

Questions

For any security-related questions, email us at tejas@shocase.studio or tanay@shocase.studio.