Skip to main content

Security

We care about security and try to implement strong security mechanisms while providing the best service to our users.

Learning from data breaches of other Discord related service providers, we don't want to make the same mistakes and therefore take data protection and security seriously. If you have any further questions please reach out to us at contact@kite.onl

Preventing Data Misuse

To prevent attackers or other third parties from accessing any data we store, we use the following mechanisms:

  • We only work together with ISO 27001 certified hosting providers
  • All data is encrypted at rest to prevent unauthorized physical access
  • Discord bot tokens are additionally encrypted to prevent unauthorized remote access
  • Once a Discord bot token has been stored it can't be read back by the user
  • All communication over the public internet is encrypted using TLS

Preventing Data Loss

To prevent data loss we use the following mechanisms:

  • We make frequent backups of all data to a secondary storage location
  • Backups are encrypted using SSE-C
  • Backups are kept for a reasonable period to allow data recovery

Incident Response

While we try to prevent security breaches or data loss, things can always go wrong. When we learn about a security breach we commit to act immediately and fix the problem. If necessary we take down any affected systems to prevent further access until we are sure that we have fixed the issue.

Once we are certain that we have fully understood the incident and its implications we will inform our users and any affected third parties about it.