Security at PriceBasket

Last updated: May 2025

Our Commitment

At PriceBasket, protecting your data is a top priority. We apply industry-standard practices at every layer of our platform — from how we store passwords to how we transmit data. This page explains what we do and what you can do to keep your account safe.

Data Encryption

  • In transit: All data between your browser and our servers is encrypted using TLS 1.2+ (HTTPS). We enforce HTTPS on every page and API endpoint.
  • At rest: Sensitive fields in our database are encrypted. Passwords are never stored in plain text — we use bcrypt with a per-user salt.
  • Tokens: Authentication tokens are short-lived JWTs. We do not store passwords in cookies or local storage.

Account Security

  • Passwords are hashed with bcrypt (cost factor 12) and never logged or transmitted in plain text.
  • Login attempts are rate-limited to prevent brute-force attacks.
  • Sessions are invalidated on logout across all devices.
  • We do not share your credentials with any third party, including the platforms we compare.

Infrastructure Security

  • Our backend runs on managed, auto-patched cloud infrastructure with restricted network access.
  • Database access is restricted to authenticated internal services only — it is not publicly accessible.
  • We conduct regular dependency audits and apply security patches promptly.
  • Deployment pipelines include automated security scans before release.

What You Can Do

  • Use a strong, unique password for your PriceBasket account — do not reuse passwords from other sites.
  • Never share your password or login link with anyone.
  • If you receive a suspicious email claiming to be from PriceBasket, do not click any links — contact us directly at founder@pricebasket.in.
  • Log out of shared or public devices after use.

Responsible Disclosure

We welcome reports from security researchers. If you discover a vulnerability in PriceBasket, please report it to us privately before public disclosure so we can fix it and protect our users.

To report a vulnerability:

Email founder@pricebasket.in with the subject line "Security Disclosure".

Please include a clear description of the issue, steps to reproduce, and potential impact. We aim to acknowledge all reports within 48 hours and provide a fix timeline within 7 business days.

We ask that you do not publicly disclose the issue until we have had a reasonable opportunity to address it. We do not take legal action against researchers who follow responsible disclosure practices.

Incident Response

In the unlikely event of a data breach, we will notify affected users within 72 hours as required by applicable regulations. Notifications will be sent to your registered email address. We will also publish a public summary of the incident, its scope, and the steps taken to prevent recurrence.

Contact

For security concerns, reach us at:

Email: founder@pricebasket.in

Subject: Security Disclosure