Security at Figmate

At Figmate, we take data security seriously. While we are an early-stage product, we follow industry best practices to protect your information.

🔐 Data Protection

• All data is encrypted in transit using HTTPS (TLS 1.2+)
• Passwords are securely hashed before storage
• Access to user data is restricted and monitored

🧠 Design Data & Prompt Handling

• Prompts you enter are processed via secure, encrypted API calls
• Your design data from Figma is never shared beyond what's required for generation
• Prompt history is stored securely and only visible to you

🧰 Infrastructure

• Hosted on secure, actively monitored infrastructure

• We use trusted third-party services:

• OpenRouter for AI processing
• Stripe for payment handling

🔁 Vulnerability Management

• We monitor for potential security vulnerabilities regularly
• Critical issues are patched as soon as possible
• If a data incident occurs, we will notify affected users promptly

🔐 Authentication & Access

• Email/password login (hashed + secured)
• Google OAuth available for added security
• Admin access is limited and role-based

🚧 Compliance

While Figmate is not yet SOC 2 or ISO27001 certified, we aim to align with those standards as we grow.

🔗 Questions or Concerns?

Email us at support@figmate.app — we're happy to chat.