Security Policy
This policy summarizes how we approach security for Fliint accounts, workspaces, public portals, widgets, and customer data.
Last updated: June 1, 2026
Security practices
We use safeguards designed to protect Fliint, including encrypted HTTPS connections, managed infrastructure, access controls, authentication providers, dependency updates, logging, backups, and monitoring appropriate to the size and risk of the service.
Access to customer data
We limit access to customer data to people and providers who need it to operate, support, secure, or improve Fliint. Workspace owners control team access and should invite only trusted users.
Customer responsibilities
Customers are responsible for using strong authentication, keeping billing and account details accurate, managing team permissions, reviewing public workspace settings, and avoiding the submission of unnecessary sensitive information.
Vulnerability reporting
If you believe you found a security vulnerability, email support@fliint.com with a clear description, reproduction steps, affected URLs, and any relevant screenshots or logs. Please avoid accessing, changing, deleting, or sharing data that does not belong to you.
Response
We review security reports, prioritize fixes based on severity, and may contact reporters for more detail. We do not currently operate a paid bug bounty program.