AttendPad
Security

How we protect your data

Security isn't an afterthought — it's built into every layer of AttendPad.

1. Data Encryption

  • Field-level AES-256-GCM encryption for all personal information (names, emails, phone numbers, signatures)
  • Per-user key derivation using HKDF — each user's data is encrypted with a unique derived key
  • HMAC-SHA256 hashing for email duplicate detection without exposing plaintext
  • TLS encryption for all data in transit between your browser and our servers
  • Kiosk PINs hashed with HMAC-SHA256 — never stored in plaintext

2. Authentication

  • Powered by Better Auth with Google OAuth and email/password sign-in
  • Email verification via one-time passcode (OTP) for new accounts
  • Two-factor authentication (TOTP) with authenticator app support
  • Backup codes for account recovery
  • 2FA required for admin access
  • Session revocation — sign out all other devices from account settings

3. Access Control

  • Row-level security — every database query is scoped to the authenticated user's ID
  • Admin role enforcement with 2FA requirement for elevated access
  • Kiosk PIN verification performed server-side with rate limiting (brute-force protection)
  • Subscription-based feature gating enforced at the server level

4. Input Protection

  • Rate limiting on all public endpoints (check-ins, sign-ups, PIN attempts)
  • Honeypot fields to silently reject bot submissions
  • CSRF protection via origin/referer header validation
  • Cloudflare Turnstile captcha on sign-up, sign-in, and contact forms
  • Input sanitization — control characters, null bytes, and oversized inputs are stripped
  • Custom field limits (max 100 per sheet) to prevent DoS

5. Privacy

  • GDPR data export — download all your data as JSON from account settings
  • Full account deletion with cascade — removes all sheets, rooms, attendees, and auth data
  • Configurable data retention with automatic expiry
  • We never sell, share, or use your attendance data for advertising
  • You own your data — export or delete it at any time
  • Audit logging for security events and compliance

6. Infrastructure

  • Cloudflare Workers — edge compute with no shared servers or containers
  • D1 database with automatic encryption at rest
  • R2 object storage for uploaded files
  • Global CDN with built-in DDoS protection
  • Security headers on every response (HSTS, CSP, X-Frame-Options, and more)
  • Strict Content Security Policy to prevent XSS attacks

Questions about our security practices?

Privacy PolicyTerms of ServiceContact Us
Privacy Policy·Terms of Service·Back to Home