At Fizz, we’re proud to provide a safe harbor for private and intimate digital communities, and that means privacy and data security is our top priority. That’s why we’ve spent the past year building an engineering team with decades of experience at top Silicon Valley tech companies such as Apple, WhatsApp, and PayPal. We’ve also consulted with numerous cybersecurity professionals to ensure that we are following industry-standard security protocols, and our goal is to always be transparent regarding how we protect our users’ data. Below, we’ve outlined how our security practices have evolved.
First, all interactions between Fizz users, content, and our systems are done using unique and anonymized account identifiers. We’ve ensured that at no point can Fizz users, moderators, or our launch teams see another user’s Personal Identifiable Information (PII). PII on Fizz is stored in a separate secure database, which is only accessible by Fizz administrators.
Secondly, our backend services run on Google Cloud, and each user is assigned a private authentication token which only allows the user to retrieve the correct and authorized data. All data in transit is encrypted using industry-standard Transport Layer Security (TLS) protocols.
We continue to integrate with several trusted third party services to manage and protect data on Fizz. For instance, we host our backend services on Google Cloud, and their security practices can be found here. We also use Mixpanel for data analytics (security practices here), send registration emails through Amazon Web Services (security practices here), and manage internal dashboards on Retool (security practices here).
As part of our commitment to transparency, we’ll update our users whenever further changes are made to our security practices. If you have any more questions please see our Privacy Policy, FAQ, or email us at [email protected].
If you are a security researcher and interested in helping to keep Fizz secure, please see our Vulnerability Disclosure Policy.