Skip to content

Security & Vulnerability Disclosure

Our Practices

  • TLS/HTTPS; secure headers; secret management; least privilege; periodic access reviews
  • Short‑lived OAuth tokens; minimal retention
  • Paddle handles PCI‑grade payment data
  • Logging/anomaly detection; incident response drills

Reporting

Email security@nextblitz.com. Do not access others’ data or degrade the Service. We acknowledge good‑faith reports and remediate quickly.

Last updated: 12 October 2025