Security at SonicStu

Your music, your account and your payments are protected by industry-standard infrastructure and a security-first engineering culture.

Encryption everywhere

TLS 1.3 in transit. AES-256 at rest for tracks, stems and database backups.

Strong auth

Passwords hashed with bcrypt. Optional Google SSO. Sessions are short-lived and rotate on sign-in.

Row-level security

Every table is protected with RLS. You can only ever read or modify your own data.

Responsible disclosure

Found a vulnerability? Email security@sonicstu.com. We acknowledge reports within 24 hours and resolve critical issues within 7 days.

Infrastructure

SonicStu runs on Cloudflare's edge network, with Supabase for database, auth and storage. Payments are processed exclusively by Stripe — we never see or store full card numbers.

Backups & recovery

Database backups are taken every 24 hours with 7-day point-in-time recovery. Generated audio is replicated across multiple regions.

Account safety

Strong password policy, optional Google SSO, email-based recovery, and session revocation from the dashboard. We never email password reset links to addresses you didn't sign up with.

Report a vulnerability

Email security@sonicstu.com with steps to reproduce. We do not pursue legal action against good-faith researchers.