Security
Security
This page summarizes how Sottos handles payment, account, and desktop access security.
Payment security
Payments are processed through Stripe-hosted checkout and billing flows. Sottos does not store complete card numbers on its own servers.
Account security
The web app uses HTTPS in production. Authentication is handled through Clerk, while subscription and payment state are synchronized from Stripe for account-based desktop access.
Desktop access
Desktop sessions use short-lived access tokens and rotating refresh tokens. Keep your account credentials private and revoke sessions you no longer use.
Reporting
Report security concerns through the contact page or by emailing hello@sottos.ai with the subject line "Security".
Questions about this page? We read every message.Contact support