At FilmTailorAI, we prioritise the protection of user data and media assets by implementing strong encryption methods and secure infrastructure practices. Our approach ensures that data remains protected at rest, in transit, and within our systems, maintaining confidentiality and safeguarding against unauthorised access.
Effective Date: 25.07.2025
1. Encryption at Rest
All data stored on FilmTailorAI, including user information and media assets, is encrypted using industry-standard AES-256 encryption. Files uploaded or generated on the platform are automatically encrypted before being stored, ensuring protection even if storage systems are compromised.
2. Encryption in Transit
All data transmitted between users and the platform is secured using HTTPS with TLS 1.2 or higher. This prevents interception, tampering, or exposure of sensitive information while it is in transit over public or private networks.
3. Authentication and Password Security
FilmTailorAI uses a secure authentication system. User passwords are never stored in plaintext. They are hashed using the bcrypt algorithm, which incorporates salting and computational complexity to protect against brute-force attacks and ensure password security.
4. Secrets Management
Sensitive application credentials such as API keys, access tokens, and database connection strings are stored in an encrypted and access-controlled environment. Only authorised platform services and personnel can retrieve these values, reducing the risk of accidental exposure or misuse.
5. Non-Sequential Identifiers
All core entities on the platform, including users, files, and projects, are assigned globally unique identifiers (GUIDs). This prevents predictable sequences, making it significantly harder for malicious actors to guess or enumerate resource identifiers.
6. Secure Development Practices
Our development process follows secure coding principles with version-controlled code repositories, peer-reviewed pull requests, and environment-based configuration separation. Dependencies are continuously monitored, patched, and updated to minimise the risk of known vulnerabilities.
7. Restricted Infrastructure Access
Access to FilmTailorAI internal systems, including databases and backend services, is limited to authorised personnel and protected by a secure private network. This ensures sensitive infrastructure is isolated from public access and protected by both network and application-level controls.