Security

Your Money. Your Data. Our Obsession.

Every transaction encrypted. Every row access-controlled. Every audit logged. This is the security infrastructure behind WavRift.

Encryption at Rest & in Transit

All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Database connections are encrypted end-to-end. No plaintext secrets ever touch disk.

SOC 2 Type II Infrastructure

WavRift runs on Supabase, which maintains SOC 2 Type II compliance. Your data is hosted in SOC 2 certified data centers with continuous monitoring and audit trails.

Row-Level Security

Every database table is protected by row-level security policies. Users can only access their own data. Hosts manage their rooms. Admins have audited full access. No exceptions.

PCI DSS Compliant Payments

All payment processing is handled by Stripe, a PCI DSS Level 1 certified provider. WavRift never sees, stores, or processes raw card numbers. Tokenized from the first keystroke.

Multi-Factor Authentication

Admin accounts require MFA via TOTP (time-based one-time passwords). Session tokens are short-lived and automatically refreshed. Suspicious login attempts trigger additional verification.

Fraud Detection

Automated fraud detection flags suspicious submissions, payment patterns, and account behavior. Rate limiting on all API endpoints prevents abuse. Every flagged event is logged for review.

Your Rights

Full Data Ownership

Export everything. Clips, analytics, session history, payment records. One click, machine-readable format.
Delete anytime. Request account deletion and all associated data is permanently removed. No questions, no retention games.
GDPR & CCPA compliant. Access, rectification, erasure, portability. Exercise any right by contacting privacy@wavrift.com.
Artists retain all rights. Submitting a track for review does not transfer any intellectual property. Your music stays yours.

Questions about security? Contact security@wavrift.com