verified_userLegal Platform Agreement

Security & Compliance

Last Updated: July 7, 2026

Key Summary:TLS 1.3 & AES-256 encryptionP2P WebRTC zero video recordingsPCI-DSS compliant Stripe billing

**Last Updated:** July 7, 2026

At Compessly, we prioritize the protection of your intellectual property, financial transactions, and personal credentials. This document describes the security protocols, infrastructure protections, and compliance standards we enforce across our marketplace.

1. Network & Infrastructure Security

All connections to the Compessly platform are encrypted in transit using Transport Layer Security (TLS 1.3) with strong cipher suites. Our systems are hosted in highly secure cloud environments featuring:

  • Continuous web application firewalls (WAF) to prevent DDoS attacks.
  • Encrypted database storage at rest using AES-256 standards.
  • Isolated production networks accessible only via secure, authenticated VPNs.

2. Peer-to-Peer Video Privacy

To enforce absolute confidentiality: * We utilize WebRTC peer-to-peer streams for live 1:1 sessions. * Compessly maintains a **Zero-Recording policy**. Video data is streamed directly between the client and mentor browsers and never written to our servers or disk storage. * Platform messages and file transfers are encrypted to guarantee they remain private.

3. Financial Transaction Safety

Compessly does not store raw credit card numbers, CVVs, or financial credentials on our databases. All payments are outsourced to Stripe, a PCI-DSS Level 1 compliant gateway.

4. Reporting Security Vulnerabilities

We welcome audits and reports from white-hat security researchers. If you identify a vulnerability, please disclose it responsibly by writing to [security@compessly.com](mailto:security@compessly.com).