Security & Privacy
Your security and privacy are our top priorities. Learn how we protect your data and accounts.
We use industry-standard OAuth 2.0 with PKCE for secure authentication. Your social media accounts are connected securely without storing your passwords.
All sensitive data, including access tokens and user information, is encrypted at rest using AES-256 encryption.
Access tokens are stored securely and automatically refreshed. We never expose your credentials or tokens in client-side code.
All API communications use HTTPS/TLS encryption. We follow OWASP security best practices for API design.
We conduct regular security audits and penetration testing to ensure our platform remains secure against emerging threats.
We comply with GDPR, CCPA, and other privacy regulations. You have full control over your data and can request deletion at any time.
What We Store
- Your account information (email, wallet address)
- Connected social media profile data
- OAuth tokens (encrypted)
- Scheduled posts and content
- Analytics and engagement data
What We Don't Store
- Your social media passwords
- Private messages or DMs
- Financial information
- Unencrypted access tokens
Your Rights
- Access: Request a copy of all data we have about you
- Correction: Update or correct your personal information
- Deletion: Request deletion of your account and all associated data
- Portability: Export your data in a machine-readable format
To exercise any of these rights, please contact us at privacy@reacha.com
For Users
- • Use strong, unique passwords for your account
- • Enable two-factor authentication when available
- • Regularly review connected accounts and permissions
- • Keep your email address up to date
- • Report suspicious activity immediately
Our Commitment
- • Regular security updates and patches
- • Monitoring for suspicious activity
- • Incident response procedures
- • Transparent security reporting
- • Compliance with industry standards
Have security concerns or questions? Contact our security team