Security - Clip Your Game

1. Data Protection & Encryption

Your data is protected with enterprise-grade security measures:

End-to-End Encryption: All data transmitted between your game and our servers uses TLS 1.3 encryption
Secure Storage: Replay files are stored in encrypted cloud storage with AES-256 encryption
Automatic Deletion: Replay files are automatically deleted from our servers within 24 hours of processing
Clip Storage: Your processed clips are stored securely for 90 days, then automatically deleted
No Personal Data: We only store Discord user IDs and replay files - no personal information

Our website and API are protected with modern security standards:

Content Security Policy (CSP): Prevents XSS attacks and unauthorized script execution
Rate Limiting: Automatic protection against brute force attacks and abuse
Input Validation: All user inputs are validated and sanitized
Security Headers: HTTPS enforcement, secure cookies, and protection against common attacks
NoSQL Injection Prevention: Database queries are protected against injection attacks
File Upload Security: Replay files are scanned for malicious content before processing

Our plugin is designed with security and privacy in mind:

Minimal Data Collection: Only collects replay files when you press the clip keybind
No Background Recording: Plugin only activates when you manually trigger a clip
Secure Transmission: All communications with our servers use HTTPS encryption
No Personal Data: Plugin doesn't access chat logs, personal files, or other game data
Open Source Components: Uses standard BakkesMod APIs with no custom hooks
Regular Updates: Plugin is regularly updated to maintain security and compatibility

Your account is protected through Discord's security infrastructure:

Discord OAuth2: Secure authentication through Discord - we never see your password
Session Security: Sessions automatically expire after 7 days and use secure cookies
No Password Storage: We don't store passwords - authentication is handled entirely by Discord
Rate Limiting: Multiple layers of protection against automated attacks
Secure Sessions: Session data is stored securely in MongoDB with automatic cleanup
Two-Factor Security: If you enable 2FA on Discord, it protects your Clip Your Game account too

We've designed our service to protect your privacy from the ground up:

Minimal Data Collection: We only collect your Discord ID and replay files you choose to clip
No Game Data Mining: We don't analyze your gameplay, chat, or personal statistics
Automatic Cleanup: Your data is automatically deleted according to our retention policies
User Control: You can delete your clips anytime from your profile dashboard
No Third-Party Sharing: Your clips and data are never shared with advertisers or third parties
Transparent Practices: Our privacy policy clearly explains what data we collect and why

Your payment information is handled with the highest security standards:

Stripe Integration: All payments processed through Stripe's PCI-compliant infrastructure
No Card Storage: We never store your credit card information on our servers
Secure Checkout: All payment pages use SSL encryption and security headers
Subscription Privacy: Only you can see your subscription details and billing history
Easy Cancellation: Cancel your subscription anytime through your profile or Stripe portal
Refund Protection: Clear refund policies protect both you and us

We follow industry standards and legal requirements:

GDPR Compliance: Full compliance with European data protection regulations
CCPA Compliance: California Consumer Privacy Act compliance for US users
OWASP Standards: Security implementation follows OWASP best practices
Data Rights: You have the right to access, modify, or delete your data anytime
Legal Basis: We process data only with your consent and for legitimate service provision
International Transfers: Data transfers comply with international privacy frameworks

Help protect your account and data with these security tips:

Enable Discord 2FA: Two-factor authentication on Discord protects your Clip Your Game account
Keep Plugin Updated: Always use the latest version of our BakkesMod plugin
Official Downloads Only: Download our plugin only from our website or official BakkesMod sources
Secure Your Discord: Use a strong password and don't share your Discord account
Review Permissions: Check what Discord permissions you've granted to our app
Monitor Your Clips: Regularly review your clip library and delete unwanted clips

We use trusted, industry-standard services to protect your data:

Discord: Authentication and user management through Discord's secure OAuth2
Stripe: Payment processing through PCI-compliant payment infrastructure
Cloud Storage: Encrypted file storage with enterprise-grade security
MongoDB: Secure database hosting with encryption and access controls
Umami Analytics: Privacy-focused analytics that doesn't track personal information
Limited Scope: Each integration has minimal permissions necessary for functionality

We believe in transparency about security practices and incidents:

Open Security Practices: This page documents our security measures transparently
Incident Notification: Users will be promptly notified of any security incidents affecting their data
Regular Updates: We continuously improve our security based on new threats and best practices
Community Feedback: We welcome security feedback from our user community
No Hidden Practices: No secret data collection or undisclosed integrations
Audit Trail: All access to user data is logged and monitored

We take security seriously and welcome responsible disclosure:

Security Issues: Report security vulnerabilities to security@clipyourgame.com
General Support: Join our Discord for general questions and support
Response Time: We respond to security reports within 24 hours
Responsible Disclosure: We work with security researchers to fix issues before disclosure
Bug Bounty: While we don't have a formal program, we appreciate security research
User Reports: Report suspicious activity or security concerns anytime