Our commitment to Security.
At ClearSplits, we handle the most sensitive part of your creative career: your ownership. We treat that responsibility with institutional-grade security.
Data Encryption
All sensitive agreement data is encrypted at rest using AES-256 and in transit via TLS 1.2+. Your splits are stored in a hardened database with strict access controls.
Audit & Transparency
Every action within a split—versioning, approvals, and signatures—is logged in a permanent audit trail. Changes are immutable once a version is finalized.
Secure Authentication
We leverage industrial-strength authentication through Google OAuth and Magic Links, ensuring only verified creators can access or sign legal documents.
Cloud Infrastructure
Our platform is built on SOC 2 Type II compliant infrastructure provided by Vercel and Supabase, ensuring high availability and physical security of data centers.
Technical Safeguards
Automated Backups
Point-in-time recovery (PITR) is enabled, allowing us to restore data to any specific second in the past 7 days in case of emergencies.
Rate Limiting & DDoS Protection
All API endpoints are protected by intelligent rate limiting and enterprise-tier DDoS shielding from Vercel Edge Network.
Regular Audits
We perform automated scanning for vulnerable dependencies and rotate internal API keys and secrets every 30-90 days.
No Password Storage
ClearSplits never stores passwords. We use passwordless Magic Links and OAuth to eliminate the most common attack vector.
Found a security vulnerability?
We take reports seriously. If you've discovered a bug, please contact our security team immediately.
Report Vulnerability