Security & Trust
Skari Inc. builds security and privacy in from the start (privacy by design) to protect the data of users and survey respondents. Below are the security measures currently in place.
Encryption
- •TLS/HTTPS encryption in transit
- •Encryption at rest (provided by cloud infrastructure)
- •Payment details are tokenized by PCI-DSS certified Stripe and never stored
Access Control
- •Survey access control: public / signed-in / invited emails only
- •Owner, editor, and viewer roles (least privilege)
- •Server-side security rules restrict data access
Authentication & Account Security
- •Secure authentication via Firebase Authentication
- •Two-factor authentication (2FA/TOTP) available
- •Login monitoring to detect abnormal access
- •Regular security reviews and updates
Privacy Protection
- •Anonymous response option (no respondent identity stored)
- •Sensitive answer masking with authorized reveal
- •Data-collection consent before a survey starts
- •Automatic PII detection (regex + AI)
Auditing & Logging
- •Access audit log for sensitive-data reveals
- •Append-only logs to preserve integrity
- •Logs readable by managers only
Data Transparency
- •Collection items, purpose, and retention disclosed in our policy
- •Disclosure when data is sent to AI providers
- •Support for access, correction, and deletion requests
- •Deletion requests handled within 30 days of account closure
Certifications & Compliance
We comply with the Personal Information Protection Act (PIPA) of Korea and operate the technical safeguards above. The Service runs on Google Cloud and Firebase infrastructure, which hold certifications such as SOC 2 and ISO 27001. The Company itself does not currently hold formal external certifications such as SOC 2 or ISO 27001; we plan to pursue them as enterprise demand grows. For security inquiries or due-diligence requests, contact us below.
Related: Privacy Policy · Terms of Service