Security | SupportWire

Effective date: May 25, 2026

Security is foundational to how we build SupportWire. Skcript Technologies Pvt. Ltd. ("Skcript", "we", "us") treats the protection of Customer Data as a first-class part of the product, not an afterthought. This page describes the technical and organizational measures we use to keep your data safe.

Compliance

SupportWire is built to be GDPR compliant. We process personal data in line with our Privacy Policy, and the third parties we rely on are listed on our Subprocessors page.

All payments are handled by Paddle, our merchant of record. Card data is processed by Paddle on PCI-DSS compliant infrastructure. SupportWire never sees or stores your full payment card details.

Infrastructure and hosting

The SupportWire application and database run on Hetzner cloud infrastructure located in the European Union. We use Cloudflare in front of our services for content delivery, TLS termination, and DDoS protection. File attachments and transactional email are handled through Amazon Web Services (S3 and SES).

Each provider operates under its own security and compliance program. We configure our services to follow the principle of least privilege and to limit the blast radius of any single component.

Encryption in transit

All traffic to and from SupportWire is served over HTTPS using TLS 1.2 or higher. TLS certificates are issued and automatically renewed through Cloudflare and Let's Encrypt, so connections between your browser, our application, and our backend services are always encrypted.

Data storage and backups

Customer Data is stored in PostgreSQL databases hosted in the European Union. We run automated daily backups together with database replication, giving us high availability and a clear recovery path in the event of a failure. Database access is restricted to a small number of authorized engineers and is isolated behind network controls.

Monitoring

We use self-hosted and third-party monitoring to track the health and security of the platform. Application errors and performance issues are captured through Sentry, and our infrastructure is monitored continuously so we can detect anomalies and respond to incidents quickly.

Application security

Authentication supports email sign-in as well as Sign in with Google and Sign in with Apple. Sessions are protected with signed, scoped cookies, and access to internal systems follows least-privilege principles. We keep dependencies up to date and review security-relevant changes before they ship.

Reporting a vulnerability

If you believe you have found a security issue in SupportWire, we want to hear from you. Please email [email protected] with the details, and we will investigate promptly. We ask that you give us a reasonable opportunity to address the issue before any public disclosure.

Last updated: May 25, 2026