Skip to content

Security & Trust

Your security and privacy are our top priorities. Learn how we protect your data and maintain strong security standards.

Data Encryption

All data transmitted between your device and our servers is encrypted using industry-standard TLS 1.3 protocol.

Secure Authentication

We use multi-factor authentication (MFA) and secure password hashing to protect your account from unauthorized access.

Infrastructure Security

Our infrastructure is hosted on AWS with enterprise-grade security, regular backups, and high availability practices.

Privacy Controls

You have control over your data with granular privacy settings and the ability to export or delete your information.

Compliance Alignment

Our controls are aligned with GDPR/CCPA and industry frameworks. Independent audits may be conducted as the service scales.

Incident Response

We maintain an incident response plan and review playbooks to quickly address potential security issues.

Data Protection

We implement multiple layers of security to protect your information. Data is encrypted in transit and at rest (AES-256 for storage).

Backups are performed regularly and stored in geographically distributed locations for resilience.

Access Controls

We enforce least privilege and role-based access control (RBAC). Access to production data is logged and reviewed.

Team members receive periodic security training.

Security Monitoring

We use monitoring and automated alerting to detect potential issues.

Periodic vulnerability assessments and penetration tests are planned as part of our security roadmap.

Third-Party Security

We review critical vendors for security posture and compliance commitments.

Payments are handled by PCI DSS compliant providers (e.g., Stripe). We do not store raw card data.

Compliance

We align our controls with major data protection regulations (GDPR, CCPA). Formal certifications (e.g., SOC 2, ISO 27001) may be pursued as we scale.

Reporting Security Issues

If you discover a vulnerability, please contact us immediately.

Security Contact

Email: hello@mentors.coach
PGP: available on request
We aim to reply within 24 hours.

Security Updates

We continuously improve our controls and processes to address emerging threats.

If an incident affects your data, we will notify you in line with applicable laws.

Our Commitments

GDPR

Aligned

CCPA

Aligned

SOC 2

Roadmap

ISO 27001

Roadmap