ContoxContox

Security at Contox

We take security seriously. Here's how we protect your project memory.

1. Data encryption

  • At rest: Memory data stored in Appwrite is encrypted using AES-256.
  • In transit: All API calls use HTTPS/TLS 1.3.

2. Access control

  • Fine-grained permissions via Appwrite (document-level access control)
  • Role-based access for teams (admin/member roles)

3. Authentication

  • OAuth via Appwrite (supports email/password, Google, GitHub)
  • No plain-text password storage

4. Infrastructure

  • Hosted on Appwrite Cloud (EU region by default)
  • Regular backups, encrypted at rest

5. Monitoring & incident response

  • We monitor for unusual API activity
  • If a security incident occurs, we'll notify affected users within 72 hours (GDPR requirement)

6. Vulnerability reporting

If you discover a security issue, please report it responsibly to:

Email:contact@contox.dev

We'll respond within 48 hours.

7. Compliance

  • GDPR-compliant (EU data protection)
  • Payments handled by Stripe (PCI-DSS compliant)

8. What we don't do

  • We do not train AI models on your memory data
  • We do not share your data with third parties (except Stripe for payments, Appwrite for hosting)

Security questions?

If you have specific security concerns or requirements, we are happy to discuss them.

Contact us