Trust & Safety
Your trust matters. Here's how we protect your data and our infrastructure.
All data transmitted between your browser and our servers is encrypted using TLS 1.3.
Our infrastructure runs on Vercel's globally distributed edge network with automatic DDoS protection.
Client data is accessible only to the VYLO team members directly working on your project.
We only collect what we need. Data is deleted when it is no longer needed for your project.
If you discover a security vulnerability in our website or services, we ask that you report it responsibly. Please email us at blainemack2009@gmail.com with the subject line "Security Disclosure". Include a clear description of the issue, steps to reproduce it, and any relevant screenshots or technical details. We commit to acknowledging your report within 48 hours and keeping you informed as we investigate and resolve the issue. We will not take legal action against researchers who follow these guidelines.
VYLO does not store payment card details on our servers. All payments are processed through trusted, PCI-DSS compliant payment processors. We receive confirmation of successful transactions only — never your full card number, CVV, or other sensitive payment data.
Files and assets you share with us for your project are stored securely and shared only with team members involved in your project. We use encrypted file storage and access is logged and audited. Files are deleted within 90 days of project completion unless otherwise agreed.
We use industry-standard third-party tools for project management, communication, and invoicing. Each tool is vetted for compliance with security best practices. We do not share your data with tools outside of those required to deliver your project.
In the unlikely event of a data breach affecting your personal information, we will notify you within 72 hours of becoming aware of the incident. Our notification will include the nature of the breach, what data was affected, and the steps we are taking to resolve it.