Security & Compliance
Your security is our top priority. We implement industry-leading security practices to protect your data and ensure service reliability.
How We Protect Your Data
Multi-layered security approach to keep your data safe
Encryption Everywhere
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.
- TLS 1.3 for all connections
- AES-256 encryption at rest
- Encrypted database backups
- Secure key management
DDoS Protection
Enterprise-grade DDoS mitigation ensures your links stay online even under attack.
- Cloudflare protection
- Rate limiting per IP
- Bot detection & mitigation
- 99.99% uptime guarantee
Privacy First
We collect only what's necessary and never sell your data to third parties.
- GDPR compliant
- CCPA compliant
- No data selling
- User data controls
Infrastructure Security
Our infrastructure is built on industry-leading cloud providers with SOC 2 compliance.
- SOC 2 Type II certified
- Regular security audits
- Isolated environments
- Automated backups
Regular Audits
Third-party security audits and penetration testing ensure we stay ahead of threats.
- Quarterly penetration tests
- Annual security audits
- Bug bounty program
- Vulnerability scanning
Incident Response
Our 24/7 security team monitors for threats and responds immediately to incidents.
- 24/7 monitoring
- Incident response plan
- Transparent communication
- Post-incident reports
Data Protection Principles
Transparency in how we handle your data
Data Collection
We only collect data necessary to provide our service: email, links created, and click analytics.
Data Storage
All data is stored in secure, encrypted databases with regular backups in multiple geographic regions.
Data Access
Only authorized personnel have access to user data, and all access is logged and monitored.
Data Deletion
Users can request data deletion at any time. We comply within 30 days and provide confirmation.
Compliance & Certifications
Meeting the highest industry standards
SOC 2 Type II
Annual audit of security controls
GDPR
EU data protection regulation
CCPA
California privacy law
ISO 27001
Information security standard
Responsible Disclosure
We welcome security researchers to help us keep rus.sh secure
Bug Bounty Program
We offer rewards for valid security vulnerabilities based on severity:
- • Critical: $1,000 - $5,000
- • High: $500 - $1,000
- • Medium: $100 - $500
- • Low: $50 - $100
How to Report
If you discover a security vulnerability, please:
- • Email security@rus.sh
- • Include detailed steps to reproduce
- • Allow 90 days for resolution
- • Don't publicly disclose until resolved
Security Resources
Learn more about our security practices
Security Whitepaper
Detailed overview of our security architecture