Security at RidePerk

1. Encryption in Transit

All audio data travels over TLS 1.3 via a WebSocket Secure (wss://) connection. Your voice never travels over an unencrypted connection — if the connection cannot be established securely, the session does not start.

2. Encryption at Rest

Audio segments flagged for review are encrypted with AES-256-GCM before being written to storage. Encryption keys are managed separately from the data they protect — they are never stored in the same location as the ciphertext.

3. Data Minimization

We only store what a safety event requires. Audio from sessions where no high-risk events are detected is never written to disk. The default retention window for stored audio is 7 days. Sessions escalated to authorities are retained for 30 days.

4. Infrastructure

RidePerk runs on Railway (backend) and Vercel (frontend). Both maintain SOC 2 compliance. Persistent data is stored in Supabase with row-level security enabled, so each user can only access their own records.

5. Responsible Disclosure

Found a security issue? Email security@rideperk.ai. We respond within 48 hours and will credit responsible reporters in our acknowledgements.

Please do not publicly disclose vulnerabilities before we have had a chance to address them.