# Security and compliance

### Quick overview

At BetterBugs.io, keeping your data safe and secure isn’t just a checkbox; it’s our top priority. We follow strict enterprise security standards to protect your information, and we don’t take shortcuts. 

* Our infrastructure, policies, and company practices undergo **periodic security reviews** by independent and third-party auditors. 
* We run **quarterly vulnerability tests** and **annual security exercises** to meet **SOC 2 Type II standards** and make sure everything's up to the mark. 

### SOC Type II compliance

We’re SOC 2 Type II compliant, which means our security, data protection, and operational procedures meet rigorous industry benchmarks. If you're a qualified customer and want to check out our SOC 2 Type II report, just drop us a message at <dev@betterbugs.io>, and we’ll be happy to share it.

### Infrastructure and hosting setup

BetterBugs runs on **Amazon Web Services (AWS)**, specifically in the **us-east-1 region**. Our **content delivery network (CDN)** services are powered by **Cloudflare**, so your experience stays fast and secure.

Our Chrome extension is officially distributed through **Google’s Chrome Web Store**, ensuring it meets all necessary security requirements.

### Data backup period

The data backup period depends on the frequency of the DB snapshots captured and used by the application.

<table><thead><tr><th width="155.6666259765625">Frequency unit</th><th>Every</th><th>Retention duration</th></tr></thead><tbody><tr><td>Hourly</td><td>6 hours</td><td>2 days</td></tr><tr><td>Daily</td><td>N/A</td><td>7 days</td></tr><tr><td>Weekly</td><td>Saturday</td><td>4 weeks</td></tr><tr><td>Monthly</td><td>Last day of the month</td><td>12 months</td></tr><tr><td>Yearly</td><td>First of Decemeber</td><td>1 year</td></tr></tbody></table>

### Frequently asked questions (FAQs)

<details>

<summary>1 - Does BetterBugs backup my data?</summary>

Yes, BetterBugs backs up your data (please refer to the table above) for the core features of BetterBugs to function correctly. However, our engineering team ensures that all the safeguards are in place and your data is stored responsibly and reliably.

</details>

<details>

<summary>2 - What is the data retention policy of BetterBugs?</summary>

BetterBugs has a data retention policy of 2 years for the Free, Individual, and Teams plans. For the Enterprise plan, we offer a custom data retention policy.

</details>

<details>

<summary>3 - What are the encryption and security measures used in BetterBugs?</summary>

We take encryption seriously and your data stays protected at all times:

* Data at **REST** is encrypted using **AES-256**, meaning it’s secure even when stored.
* Data in **transit** is encrypted with **HTTPS/TLS** to ensure it stays safe while moving.

</details>

<details>

<summary>4 - How does BetterBugs ensure cloud security, and what safeguards are in place for access controls?</summary>

We’ve included multiple security layers in our cloud systems. Here’s more on it:

* **Two-factor authentication (2FA)** is required for accessing cloud services, source code, and third-party integrations.
* Attack prevention systems are in place via **Cloudflare** to safeguard against cyber threats.
* We have security Firewalls within our **AWS cloud infrastructure**.
* AWS fully manages our cloud infrastructure, so we don’t run an **Intrusion Detection System (IDS)** or **Intrusion Prevention System (IPS)** in our production network. **AWS** takes care of that for us.

</details>

<details>

<summary>5 - How does BetterBugs handle security incidents?</summary>

We don’t take security concerns lightly. If an issue comes up:

* We actively investigate and resolve security risks as soon as we’re aware of them.
* If a security event affects our users, we communicate openly and let you know what’s going on.

</details>

<details>

<summary>6 - Does BetterBugs have bug bounty programs?</summary>

Currently, BetterBugs.io doesn’t have a bug bounty program. However, we’d love your feedback to further improve our security. Write to us at <dev@betterbugs.io>, and we’ll get back to you asap.

</details>

<details>

<summary>7 - How do I report a security bug or an issue in BetterBugs?</summary>

If you ever come across a potential security issue or just have a question, reach out to us at <dev@betterbugs.io>. We’ll respond as soon as possible.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.betterbugs.io/product-features/security-and-compliance.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.