Try Free

Security

Comprehensive security practices and measures protecting your data at Minimal.

Last updated: November 2025

Beta Security features and certifications are continuously being enhanced during our beta period. Some certifications may be in progress.

AWS Infrastructure

Hosted on industry-leading cloud platform

GDPR Compliant

Full European data protection compliance

99.9% Uptime Goal

Target availability (not guaranteed during beta)

Our Commitment to Security

Security is at the core of everything we do at Minimal. We understand that you're entrusting us with your valuable data, and we take that responsibility seriously. Our comprehensive security program is designed to protect your information through multiple layers of protection, continuous monitoring, and strict compliance with industry standards.

Infrastructure Security

  • AWS Cloud Infrastructure: Hosted on Amazon Web Services, which maintains SOC 2, ISO 27001, and other industry certifications
  • Network Isolation: Services deployed within isolated virtual private cloud (VPC) environments
  • AWS Physical Security: AWS data centers feature comprehensive physical and environmental security controls

Data Protection

Encryption

  • In-Transit Encryption: TLS encryption for all data transmission between clients and our services
  • At-Rest Encryption: Data stored using AWS encryption services (AES-256)

Access Control

  • Authentication: Secure user authentication for account access
  • AWS IAM: Infrastructure access managed through AWS Identity and Access Management

Application Security

  • Secure Development Lifecycle: Security integrated into every phase of development
  • Code Review Process: Mandatory peer review and automated security scanning
  • Dependency Management: Automated vulnerability scanning of third-party libraries
  • Input Validation: Comprehensive validation and sanitization of all user inputs
  • API Security: Rate limiting, authentication, and authorization on all API endpoints
  • Session Management: Secure session handling with automatic timeout and rotation

Regulatory Compliance

  • GDPR (General Data Protection Regulation): We strive to comply with EU data protection requirements
  • CCPA (California Consumer Privacy Act): We strive to comply with California privacy regulations
  • AWS Certifications: Our infrastructure provider (AWS) maintains SOC 2, ISO 27001, and other industry certifications

Monitoring & Incident Response

  • AWS CloudWatch: Service monitoring and alerting through AWS infrastructure
  • Incident Response: We investigate and respond to security concerns as they arise
  • Customer Notification: We will communicate transparently in case of security incidents

Business Continuity

  • Automated Backups: Continuous data backup with point-in-time recovery
  • Disaster Recovery: Tested disaster recovery procedures with defined RTO and RPO
  • High Availability: Redundant systems across multiple availability zones
  • Uptime Target: 99.9% uptime goal with proactive monitoring

Beta Notice: During our beta period, no Service Level Agreement (SLA) is in effect. The 99.9% uptime is our operational target, not a contractual guarantee. Beta services may experience interruptions, and no service credits or compensation apply for downtime during this period. Please see our Terms of Service for details.

Data Management

  • Data Export: Export your data for backup or migration
  • Data Deletion: We will delete your data upon request in accordance with applicable law

Report a Security Issue

If you discover a security vulnerability, please report it responsibly to our security team:

Email: security@minimal.lat

PGP Key: Available upon request

We appreciate responsible disclosure and will respond promptly to all security reports.