We take your data and our infrastructure seriously — by design, not by afterthought.
All RixForge applications are built with security in mind from day one. We apply threat modeling and best practices during the entire software development lifecycle. Our default posture is zero-trust — no implicit trust between systems or users.
All data is encrypted in transit using TLS 1.2+ and at rest using strong industry-standard encryption algorithms. We do not store any sensitive data in plaintext — user credentials and identifiers are hashed or encrypted appropriately.
Access to production infrastructure is strictly limited and protected via multiple layers of security which are widely recognised as best practices. All administrative activity is logged and reviewed periodically.
We continuously monitor our infrastructure for anomalies and signs of compromise. In the event of a security incident, we follow a documented incident response plan to contain, analyze, and remediate the issue rapidly.
Customers have control over sensitive features such as login history, session tracking, and account activity logs. These features can be enabled to support security auditing — but are disabled by default to preserve privacy.
We are fully aligned with the principles of the GDPR. We do not store identifiable user information in clear text, and we minimize data collection to what is strictly necessary for functionality and security.
We welcome responsible disclosure of vulnerabilities. If you believe you've found a security issue, please contact us at admin@rixforge.com. We'll investigate your report and respond promptly.
Last updated: May 26, 2025
RixForge Ltd. – Registered in the United Kingdom