Your data, protected by
world-class standards.
Your privacy and data security are our top priorities. Here’s how Snaps.Digital keeps your event photos safe at every step.
Secure OAuth & Session Safety.
We use Google's and Microsoft's official OAuth 2.0 flows. We implement CSRF tokens on all forms, secure, HTTP-only cookies with SameSite=Lax, and rotate session IDs upon authentication to protect your account.
End-to-End & At-Rest Protection.
All data in transit is protected with TLS 1.3 encryption. We encrypt your OAuth tokens and folder metadata with AES-256-GCM before storing them. Your photos are saved directly to your own Google Drive or OneDrive, under your account, without passing through third-party servers.
Direct-to-Cloud & Defense-in-Depth.
Uploaded photos go directly into your cloud storage. We never store or cache your files on our servers. We enforce rate limits per IP and per session, with consistent timing responses to thwart brute-force attacks and abusive traffic.
Built-in resilience.
Content Security Policy locked to trusted domains to prevent resource injection.
Browser features (camera, microphone) limited to authorized contexts only.
Regular code reviews and tests to proactively identify vulnerabilities.