Skip to main content
Curate KingCurate King

Curate King

Security & trust

The safeguards, policies, and practices we use to protect workspace data and support product reliability.

← Back to home

Last reviewed: September 25, 2025

CurateKing is built for collaboration and consistency. We invest in security so that your team can focus on creating, with clear controls around workspace access and connected services. Below is an overview of our current program.

1. Infrastructure & data protection

  • Application traffic is served over HTTPS.
  • Production data is stored with managed infrastructure providers that support encryption and backup controls.
  • Secrets are managed through environment configuration and restricted operational access.
  • We separate production and staging environments and restrict access based on least privilege.

2. Application security

  • Passwords are hashed with industry-standard algorithms (bcrypt) before being stored.
  • Authentication and session handling use established application security libraries.
  • Role-based permissions ensure teammates only see the Sites, prompts, and analytics they need.
  • Dependency and code checks are part of the development workflow before changes ship.

3. Operational practices

  • Access to workspace data is limited to personnel with a business need.
  • Operational access is reviewed as roles and responsibilities change.
  • Security practices are reviewed as the product and customer base evolve.
  • Incident response playbooks define how we triage, communicate, and remediate issues.

4. Reliability & monitoring

  • Application health, errors, and background jobs are monitored through internal tooling.
  • Automated tests and CI checks are used before deploys.
  • Public availability reporting is being prepared on our status page.
  • Recovery procedures are reviewed as critical services and integrations change.

5. Responsible disclosure

We welcome reports from the security community. If you discover a vulnerability or suspect unauthorized access, please email security@curateking.com. Include relevant details so we can reproduce the issue. We aim to acknowledge new submissions within two business days.

6. Compliance roadmap

CurateKing is not publicly claiming SOC 2 or similar certification at this time. We will update this page if formal certifications, audit reports, or additional compliance documentation become available.

7. Questions or requests

Need a security review or have another security question? Reach out at security@curateking.com or contact us via the support form. We are happy to help.

Security & Trust — CurateKing