Loading…
Loading…
At Baseline, protecting your data is a top priority. Here's how we keep your facility's information safe.
Baseline is hosted on Vercel, which provides enterprise-grade infrastructure with automatic scaling, edge network distribution, and DDoS protection. All traffic is encrypted with TLS 1.2+ in transit. Data at rest is encrypted using AES-256. Our DNS and CDN are managed through Cloudflare, providing additional security layers including WAF (Web Application Firewall) and bot mitigation.
We follow security best practices including Content Security Policy (CSP) headers, CSRF protection on all form submissions, input validation and sanitization on all API endpoints, rate limiting to prevent abuse, strict HTTP security headers (HSTS, X-Frame-Options, X-Content-Type-Options), and regular dependency audits.
Payment processing is handled by our PCI-compliant payment partner. Baseline never stores credit card numbers, CVVs, or other sensitive payment data on our servers. All payment transactions are processed through encrypted, tokenized connections.
Access to production systems is restricted to authorized personnel with multi-factor authentication. We use role-based access controls, maintain audit logs, and conduct regular security reviews. Error monitoring and alerting help us quickly identify and respond to potential issues.
We collect only the data necessary to provide our services. We do not sell your data to third parties. You retain ownership of all data you upload to the platform. For full details, see our Privacy Policy.
If you discover a security vulnerability, we encourage responsible disclosure. Please report any security concerns to security@baselinepro.com. We will acknowledge your report within 48 hours and work to resolve confirmed vulnerabilities promptly.