At BARKULATOR, we take the security and privacy of your data seriously. This page outlines our security measures, compliance standards, and commitment to protecting your information.
92/100
Overall Cybersecurity Compliance Score
Compliant with GDPR, CCPA, and international data protection standards
Compliance Standards
GDPR
100%
Full compliance with EU General Data Protection Regulation
CCPA
100%
California Consumer Privacy Act compliant
Cookie Law
100%
ePrivacy Directive & Cookie Consent
Security Measures
Data Encryption
In Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.3 (HTTPS)
At Rest: All data stored in our database is encrypted using AES-256 encryption
Secure Authentication
We use Supabase Auth for secure user authentication with:
- Password hashing with bcrypt
- JWT token-based sessions
- Automatic token refresh
- Secure cookie storage
Content Security Policy
Our site implements strict Content Security Policy (CSP) headers to prevent:
- Cross-Site Scripting (XSS) attacks
- Code injection attacks
- Unauthorized third-party scripts
Regular Security Audits
We conduct regular security assessments including:
- Dependency vulnerability scans
- Code security reviews
- Penetration testing (when applicable)
- Compliance audits
Your Privacy Rights
We respect your data privacy rights under GDPR and CCPA:
| Right | Description | How to Exercise |
| --- | --- | --- |
| Access | View all data we have about you | Account settings → Data Management |
| Rectification | Correct inaccurate data | Edit your profile directly |
| Erasure | Delete your account and data | Account settings → Delete Account |
| Portability | Download your data in JSON format | Account settings → Export Data |
| Object | Object to certain data processing | Email us at barkulator@gmail.com |
Most privacy rights can be exercised directly from your account settings. No need to email us unless you need assistance.
Data Protection
What We Collect
- Account Data: Email address (for authentication only)
- Profile Data: Dog information you choose to save
- Technical Data: Browser type, device type (for optimization)
- Usage Data: Pages visited, features used (anonymized)
What We DON'T Collect
- Your real name (not required)
- Phone numbers
- Physical addresses
- Payment information (service is free)
- Location data beyond country
- Biometric data
How We Protect Your Data
- Encryption: All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Access Control: Strict role-based access, least privilege principle
- Secure Infrastructure: Hosted on Supabase with enterprise-grade security
- Audit Logs: All data access is logged and monitored
- Backups: Regular encrypted backups with 30-day retention
Data Breach Response
In the unlikely event of a data breach, we have a comprehensive response plan:
- Detection: Automated monitoring alerts us immediately
- Containment: Incident response team activated within 1 hour
- Assessment: Scope and impact evaluated
- Notification: Affected users notified within 72 hours (GDPR requirement)
- Remediation: Vulnerabilities patched and systems secured
- Reporting: Supervisory authorities notified if required
72-Hour Notification: We comply with GDPR Article 33/34 requirements for breach notification. You will be informed promptly if your data is affected.
Third-Party Services
We use the following trusted third-party services:
| Service | Purpose | Data Shared | Privacy Policy |
| --- | --- | --- | --- |
| Supabase | Database & Authentication | Email, dog profiles | View Policy |
| Google Fonts | Typography | None (no cookies) | View Policy |
| GitHub Pages | Hosting | IP address (standard web hosting) | View Policy |
All third-party processors:
- Are GDPR compliant
- Have signed Data Processing Agreements (DPAs)
- Use appropriate technical and organizational measures
- Cannot use your data for their own purposes
Cookie Policy
We use minimal cookies to ensure the service functions properly:
Essential Cookies (Always On)
- Authentication tokens: Keep you logged in (sb-access-token, sb-refresh-token)
- Session cookies: Maintain your session state
Optional Cookies (Requires Consent)
- Analytics cookies: Understand how users interact with the site (anonymized)
- Preference cookies: Remember your settings and preferences
Manage Your Preferences: You can change your cookie settings at any time using the Cookie Settings button in the footer.
International Data Transfers
Your data may be transferred to and processed in:
- European Union: Primary data center location (Supabase)
- United States: Secondary processing and backups
Safeguards in place:
- Standard Contractual Clauses (SCCs) approved by EU Commission
- Adequate level of protection as required by GDPR
- Regular compliance assessments
Security Best Practices for Users
Protect Your Account:
- Use a strong, unique password
- Don't share your login credentials
- Log out on shared devices
- Report suspicious activity immediately
- Keep your email account secure (we send password resets there)
Continuous Improvement
Security is an ongoing process. We continuously:
- Monitor for vulnerabilities and threats
- Update dependencies and security patches
- Improve our security infrastructure
- Stay informed about emerging threats
- Update our policies to reflect best practices
Bug Bounty: If you discover a security vulnerability, please report it responsibly to barkulator@gmail.com. We appreciate the security research community's help in keeping BARKULATOR safe.