Renounce RightBack to home

Security

Last updated: April 2026

Renounce Right walks individuals through one of the most sensitive decisions there is. We treat the data behind that decision the same way.

Data protection

  • TLS 1.2+ in transit, HSTS enforced.
  • AES-256 at rest in managed Postgres.
  • Sensitive identifiers encrypted at the column level.
  • Encrypted backups, 30-day point-in-time recovery.

Access controls

  • Role-based access through Better Auth, with optional 2FA.
  • Privileged operator actions are logged and reviewed.
  • Cross-app traffic uses short-lived signed tokens.

Infrastructure

  • SOC 2-compliant cloud hosting.
  • Network isolation between auth, app, and analytics tiers.
  • Continuous dependency scanning and quarterly penetration tests.

Incident response

Affected users are notified within 72 hours of a confirmed incident, alongside the steps we're taking to remediate.

Reporting a vulnerability

Disclose responsibly. Email support@xcapesuite.com with reproduction steps. We acknowledge within one business day.