Sprinkling Act
Security
Infrastructure
Hosted on Vercel (frontend) and Railway (backend). Data stored in Supabase with Row Level Security on all tables. All connections encrypted via TLS 1.3.
Data protection
Diagnostic data encrypted at rest. No full user agents or IP addresses stored. Session identifiers are anonymous. Analytics is GDPR-compliant and never sold.
Payments
All payments processed by Stripe (PCI DSS Level 1). Sprinkling Act never stores card numbers or payment credentials.
Responsible disclosure
Report vulnerabilities to security@sprinklingact.com. We acknowledge within 48h and resolve critical issues within 7 days.
Sprinkling — Powered by SASS™ – The European Act Structural Standard