Security
Dieser Inhalt ist noch nicht in deiner Sprache verfügbar.
Quick answers to the most common security and infrastructure questions. For anything not covered, reach out at hello@namedrop.io.
Infrastructure
Section titled “Infrastructure”| Question | Answer |
|---|---|
| Where does your infrastructure sit? | Serverless on AWS, based in eu-west-1 |
| What kind of auth do you use? | AWS Cognito with OTP (one-time passcode) flow and SSO one-click login / signup |
| Is data encrypted in transit and at rest? | Yes |
| Do you follow secure coding practices? | OWASP coding principles — privacy and security by design |
NameDrop supports SAML 2.0 today, with OpenID Connect on the roadmap. See SSO overview and SAML setup.
Data handling
Section titled “Data handling”| Question | Answer |
|---|---|
| What attributes do you use from client systems? | First Name, Last Name, Email. The name recording itself is generated on NameDrop. |
| Do you share data with third parties? | No. Data is owned by you and the user. |
| Do you use client user data for marketing? | No. |
| Where are recordings stored? | AWS S3 (encrypted at rest), served via CloudFront |
Auth state visibility
Section titled “Auth state visibility”Authentication credentials are not visible to NameDrop staff or to anyone outside the user themselves. AWS Cognito enforces encryption and AWS patches the underlying auth service.
Want more detail?
Section titled “Want more detail?”For SOC 2 reports, DPA, security questionnaires, or pen-test summaries, contact hello@namedrop.io — happy to share under NDA.