**Last Updated:** July 7, 2026
At Compessly, we prioritize the protection of your intellectual property, financial transactions, and personal credentials. This document describes the security protocols, infrastructure protections, and compliance standards we enforce across our marketplace.
1. Network & Infrastructure Security
All connections to the Compessly platform are encrypted in transit using Transport Layer Security (TLS 1.3) with strong cipher suites. Our systems are hosted in highly secure cloud environments featuring:
- Continuous web application firewalls (WAF) to prevent DDoS attacks.
- Encrypted database storage at rest using AES-256 standards.
- Isolated production networks accessible only via secure, authenticated VPNs.
2. Peer-to-Peer Video Privacy
To enforce absolute confidentiality: * We utilize WebRTC peer-to-peer streams for live 1:1 sessions. * Compessly maintains a **Zero-Recording policy**. Video data is streamed directly between the client and mentor browsers and never written to our servers or disk storage. * Platform messages and file transfers are encrypted to guarantee they remain private.
3. Financial Transaction Safety
Compessly does not store raw credit card numbers, CVVs, or financial credentials on our databases. All payments are outsourced to Stripe, a PCI-DSS Level 1 compliant gateway.
4. Reporting Security Vulnerabilities
We welcome audits and reports from white-hat security researchers. If you identify a vulnerability, please disclose it responsibly by writing to [security@compessly.com](mailto:security@compessly.com).