Skip to main content

Security & Compliance Overview

Security and data privacy are foundational to the Feature Platform. We maintain an enterprise-grade security posture designed to protect tenant data, ensure regulatory compliance, and maintain the integrity of our blockchain interactions.

Full Legal Documentation

This page provides a technical summary. For comprehensive details regarding our Terms of Service, Data Processing Agreements, and regulatory frameworks, please consult our Legal and Regulatory Compliance page.

Key Security Controls

Our security architecture is built on Google Cloud Platform (GCP) best practices and rigorous internal protocols.

  • Data Processor Model: We strictly act as a Data Processor/Service Provider. You (the Tenant) retain full control and ownership as the Data Controller.
  • Data Minimization: We do not process or store high-risk sensitive data categories, such as financial information (PCI), government IDs (PII), or biometric data.
  • Encryption Everywhere: All data is encrypted in transit using TLS 1.2+ and at rest using industry-standard * AES-256* encryption.
  • Access Control: We enforce strict Role-Based Access Control (RBAC) and require Multi-Factor Authentication (MFA) for all internal system access.
  • Audit Logging: Comprehensive logging is implemented across our infrastructure to ensure traceability and accountability for all system actions.
  • Cross-Border Transfers: We utilize Standard Contractual Clauses (SCCs) to ensure compliance with international data transfer regulations.
  • Compliance Readiness: Our architecture is designed to support compliance with major frameworks including GDPR and CCPA.
  • No Gambling/Sweepstakes: The platform is architected for "free-to-earn" engagement rewards. We do not operate or support gambling, lotteries, or sweepstakes mechanisms.

Infrastructure Security

We leverage the world-class security capabilities of Google Cloud Platform (GCP). Our environment isolates tenant data and utilizes cloud-native security tools to monitor for threats and vulnerabilities in real-time.

For a deeper dive into our specific regulatory stances, please visit the Legal and Regulatory Compliance page.