Security at Senntra
Your security and privacy are our top priorities. We employ industry-leading practices to protect your data and transactions.
OAuth 2.0 Authentication
Secure sign-in with Google OAuth for verified access
Session Management
NextAuth.js v5 with secure session handling and token rotation
Role-Based Access
Granular permissions for users, organizers, vendors, and admins
JWT Token Security
RS256-signed tokens with Convex integration for secure API access
3D Secure Authentication
Extra layer of verification for all card transactions
DPO Payment Processing
PCI DSS Level 1 certified payment processor that follows industry standards
No Card Data Storage
We never store your full credit card details on our servers
Encrypted Transactions
All payment data encrypted in transit and at rest
End-to-End Encryption
TLS 1.3 encryption for all data in transit
Data Encryption at Rest
AES-256 encryption for stored sensitive data
Secure Database
Convex real-time database with built-in security and access controls
Data Minimization
We only collect data necessary for service functionality
Cloud Infrastructure
Hosted on secure, enterprise-grade cloud platforms
DDoS Protection
Advanced protection against distributed denial-of-service attacks
Regular Backups
Automated daily backups with point-in-time recovery
Geographic Redundancy
Data replicated across multiple regions for reliability
Content Security Policy
Strict CSP headers to prevent XSS and injection attacks
Rate Limiting
API rate limiting to prevent abuse and brute force attempts
Input Validation
Zod schema validation for all user inputs and API requests
CSRF Protection
Cross-Site Request Forgery protection on all forms
Secure Headers
HSTS, X-Frame-Options, and other security headers enabled
Dependency Scanning
Regular automated scans for vulnerable dependencies
Regular Security Audits
We conduct regular security audits and penetration testing to identify and address potential vulnerabilities before they become issues.
Continuous Monitoring
24/7 monitoring of our systems for suspicious activity, performance issues, and security threats with automated alerting.
Security-First Development
Our development team follows secure coding practices and conducts code reviews with security in mind for every change.
Incident Response Plan
We maintain a comprehensive incident response plan to quickly address any security concerns and communicate transparently with affected users.
Employee Training
All team members receive regular security training and follow strict security protocols when handling user data.
PCI DSS Compliance
Payment Card Industry Data Security Standard compliance through DPO
Namibian Data Protection
Compliance with Namibian data protection laws and regulations
GDPR-Inspired Practices
Following GDPR principles for data protection and user rights
SOC 2 Principles
Adhering to SOC 2 security, availability, and confidentiality principles
If you discover a security vulnerability in Senntra, please report it to us immediately. We appreciate your help in keeping our platform secure.
How to Report:
- Email security@senntra.com with details of the vulnerability
- Include steps to reproduce the issue if possible
- We'll acknowledge receipt within 24 hours
- We'll work with you to understand and resolve the issue
- We'll credit you (if desired) once the issue is fixed