Security Overview

Infrastructure & data residency

Hosted on AWS with primary data residency in Australia and CDN edge delivery. Our database and storage are managed services with redundancy and backups.

Data protection

Encryption in transit (TLS 1.2+), access controls, and least-privilege roles. Passwords are hashed using industry-standard algorithms.

Data access is logged and restricted to authorized personnel for support and maintenance.

Backups & reliability

Automated backups with retention policies, monitoring, and alerting. Our uptime-focused architecture helps ensure access during game time.

Incident response

We monitor for anomalies and will notify customers without undue delay of any data breach affecting their data, including steps for remediation and guidance for regulatory notifications.

Vulnerability management

Regular dependency updates, security patches, and third-party scanning. We prioritize fixes based on severity and potential impact.

Responsible disclosure: report issues to security@pitchtime.app. We appreciate coordinated disclosure.

Access & logging

Role-based access, SSO for staff, and audit logging for administrative actions. Production access is limited and periodically reviewed.