← Home

Security Statement

Effective · 27 June 2026

This statement describes the security controls currently in place for welookupinsights.com. It is maintained by Welookup Insights LLP and is not an independent certification.

1. Hosting & platform

The site runs on a managed cloud platform with global edge delivery. The application database and authentication are provided by a managed backend service operating in customer-isolated projects.

2. Encryption

  • In transit: TLS 1.2+ for all traffic to and from the site and APIs; HSTS enabled.
  • At rest: database and object storage are encrypted at rest by the managed backend provider.

3. Access controls

  • Role-based access control with separate admin and member roles, stored in a dedicated user_roles table and enforced by Row-Level Security policies.
  • Admin access requires authentication; service-role credentials are restricted to server-side functions and verified webhooks only.
  • Media storage bucket is private; access is granted only through short-lived signed URLs.

4. Logging & monitoring

Server-function and edge logs are captured by the platform. Errors are surfaced to the engineering team for triage.

5. Vulnerability management

We accept security reports at legal@welookupinsights.com. Please follow the security-research rules in our Acceptable Use Policy. We acknowledge reports within 5 business days.

6. Incident response

In the event of a confirmed personal-data breach, we will notify affected customers and, where legally required, supervisory authorities within applicable statutory windows (e.g. 72 hours under GDPR).

7. Shared responsibility

Welookup secures the site and our internal systems. Customers are responsible for safeguarding their own credentials and the security of the systems they integrate with us.

Last reviewed 27 June 2026.

This page is maintained by Welookup Insights LLP. It explains current practices and is not an independent certification. Questions: legal@welookupinsights.com.

Ready to start?