We take the security of your business data and your customers' information seriously.
All data encrypted with TLS 1.3 in transit. Database encrypted at rest.
Session-based auth via Better Auth. HttpOnly cookies. No passwords stored in plaintext.
Move photos stored in private Cloudflare R2. Access via signed URLs only.
Card data handled exclusively by Stripe. We never see or store credit card numbers.
All queries parameterized via Drizzle ORM. No raw SQL from user input.
HSTS, CSP, X-Frame-Options, X-Content-Type-Options configured on all responses.
Found a security issue? Please report it responsibly to move@kwatateam.com. We respond to all security reports within 48 hours.