Security

Last updated: 17 July 2026

Our approach

Ember holds as little about you as possible and holds it for as short a time as possible. Accounts and profiles persist, but everything tied to a night (presence in a room, waves, matches) is deleted within minutes of the venue closing, and in any event within 24 hours. Less stored data is less data at risk.

How data is protected

Traffic is encrypted in transit with TLS. Sign-in is passwordless: we verify a one-time code by SMS, or a trusted provider like Google, Microsoft or Apple, so there is no password to leak. Sessions are held in signed, http-only cookies.

Photos are stored in private object storage and served through short-lived signed links, never from a public bucket. Access to production systems is limited to the people who need it.

Your part

Use a phone number and sign-in accounts only you control, and sign out on shared devices. If you think someone else has access to your account, contact us and we will end your active sessions.

Reporting a vulnerability

If you have found a security issue, we want to hear about it. Email us at [email protected] with enough detail to reproduce it. Please give us reasonable time to fix the issue before disclosing it publicly, and do not access or change other people's data while testing. We will not pursue legal action against good-faith research that follows this.