Security

Infrastructure

Rhyora runs on industry-leading cloud infrastructure designed for security and reliability:

• Hosting: Vercel's edge network with automatic DDoS protection and global distribution.
• Database & Auth: Supabase (managed PostgreSQL) with row-level security policies and built-in authentication.
• CDN & Containers: Cloudflare for content delivery, DNS, and isolated container workloads.
• Asset Storage: Cloudflare R2 with access-controlled buckets for generated media.

Encryption

• In transit: All connections use TLS 1.3. HTTP requests are automatically redirected to HTTPS.
• At rest: Database and stored assets are encrypted with AES-256 at rest via our infrastructure providers.

Authentication

• Password hashing: User passwords are hashed with bcrypt before storage.
• Session management: Handled by Supabase Auth with secure, HttpOnly cookies and automatic token rotation.
• Access control: Role-based access control (RBAC) enforced at both application and database layers.

AI Data Handling

• Prompt processing: Your prompts and creative inputs are sent to AI providers solely to generate the requested content. They are not used for model training.
• Content safety: Generated content passes through safety screening to prevent policy-violating outputs.
• Provider isolation: Each AI provider receives only the minimum data required for the specific generation task.

Payment Security

Payment processing is handled by Razorpay, a PCI-DSS compliant payment gateway. Rhyora does not store credit card numbers, CVVs, or other sensitive payment details on our servers.

Responsible Disclosure

If you discover a security vulnerability, please report it to support@rhyora.com. We ask that you give us reasonable time to investigate and address the vulnerability before disclosing it publicly.

Related

• Privacy Policy
• Terms of Service
• Contact Us