Many companies say they take security seriously. In our case, we’d like to demonstrate this with concrete information.

Security Audit

From time to time, we commission independent Internet security professionals to audit our security. We implement any findings and recommendations as a matter of priority.

EU General Data Protection Regulation (GDPR)

As we are based in Spain, which is in the European Union, we are regulated by the EU General Data Protection Regulation (GDPR). We abide fully by the EU GDPR. Read more about our GDPR compliance.

Employee Access

  • Wherever possible, we use two factor authentication (2FA) to restrict access to our IT infrastructure and to customer data.
  • Each team member is supplied with a password manager application to ensure that we all use strong, unique passwords for each service we use.
  • When an individual ceases working with us, we revoke their access to all services.


The Feature Upvote application runs on Amazon’s AWS infrastructure. We follow AWS’s best practice guides. We regularly audit our use of AWS. We regularly check our server logs for suspicious activity.


Your data is safe with us. We take frequent backups and regularly ensure that a recent backup can be restored. Access to backups is guarded with a combination of 2FA, password managers, and tight access rules.

Credit Card Data

At no time do we store your credit card details on our servers. Our payment processor, Stripe, handles all payment processing on our behalf. Stripe ensures that all relevant compliance, such as PCI, is met.

None of our staff, including management, have access to your credit card info.

Got questions about our security? Ask us at