Security at NightSip
Your security and privacy are our top priorities. Learn about the measures we take to protect your data.
How We Protect Your Data
Encryption in Transit
All data transmitted to and from our servers is encrypted using TLS 1.3. We enforce HTTPS across all connections.
Secure Infrastructure
Our website is hosted on Netlify's enterprise-grade infrastructure with DDoS protection and automatic failover.
Privacy by Design
We collect only the minimum data necessary to provide our services. We never sell your personal information.
PCI Compliance
Payment processing is handled by Stripe, a PCI DSS Level 1 certified payment processor. We never store your card details.
Security Headers
| Header | Status | Purpose |
|---|---|---|
| Strict-Transport-Security | Enabled | Forces HTTPS connections |
| X-Frame-Options | DENY | Prevents clickjacking attacks |
| X-Content-Type-Options | nosniff | Prevents MIME sniffing |
| Content-Security-Policy | Enabled | Controls allowed content sources |
| Referrer-Policy | strict-origin | Controls referrer information |
| Permissions-Policy | Restricted | Limits browser features |
Data Handling Practices
What We Collect
- Email address (for waitlist and communications)
- Name and shipping address (when you order)
- Anonymous analytics (via privacy-friendly Plausible)
What We Never Do
- ✗ Sell your personal information
- ✗ Store payment card details (handled by Stripe)
- ✗ Share data with third parties for marketing
- ✗ Use invasive tracking cookies
Third-Party Services
We use the following trusted third-party services:
- Stripe: Payment processing
- Netlify: Hosting and CDN
- Plausible: Privacy-friendly analytics
Responsible Disclosure
Found a Security Issue?
We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly.
Email: security@thenightsip.com
Response time: Within 72 hours
Security.txt: /.well-known/security.txt