Security at SQRL

Your data security and privacy are our top priorities

Security Icon

Our Commitment to Security

At SQRL, we understand that when you use our lost and found system, you're trusting us with your personal information. We take this responsibility seriously and have implemented bank-level security measures to protect your data. Our approach to security is comprehensive, covering everything from application design to operational practices.

Application Security

Data Privacy by Design

Our QR code system is designed with privacy at its core. When someone scans an item's QR code, they don't see any personal information about the owner. Instead, they're shown a secure interface to report the found item and its location.

Secure Authentication

We use industry-standard authentication protocols, including OAuth integration with Google, to verify user identities. Our password policies enforce strong password requirements, and all authentication credentials are encrypted.

Role-Based Access Control

Different user types (parents, school administrators) have carefully defined access levels. This ensures users can only access the information they need and are authorized to view.

Data Protection

Encryption

All data in our system is encrypted both in transit and at rest. We use TLS/SSL encryption for all data transmitted between your browser and our servers, and industry-standard AES-256 encryption for data stored in our databases.

Minimal Data Collection

We follow the principle of data minimization, collecting only the information necessary to provide our service. Contact information is used exclusively for lost item notifications and is never shared with third parties for marketing purposes.

Secure Communication

When an item is found, our system facilitates secure communication between the finder and the owner without exposing personal contact details, protecting everyone's privacy.

Infrastructure Security

Cloud Security

Our application is hosted on secure cloud infrastructure with built-in protection against DDoS attacks, intrusion detection, and continuous monitoring for suspicious activities.

Regular Backups

We perform regular automated backups of all data, ensuring that information can be recovered in case of any system failures without compromising security.

Network Security

Our infrastructure employs multiple layers of network security, including firewalls and network segmentation, to prevent unauthorized access to our systems and your data.

Operational Security

Security Testing

We conduct regular security testing, including vulnerability scanning and penetration testing, to identify and address potential security issues before they can be exploited.

Security Updates

Our systems are kept up-to-date with the latest security patches and updates to protect against emerging threats and vulnerabilities.

Employee Training

All SQRL team members undergo regular security awareness training to ensure they understand and follow secure handling procedures for customer data.

Parent & School Controls

For Parents

  • Full control over what information is shared when an item is found
  • Ability to manage notification preferences
  • Option to remove items from the system at any time

For Schools

  • Administrative dashboard with appropriate access controls
  • Bulk management capabilities with security safeguards
  • Detailed audit logs of system activities

Compliance & Industry Standards

Data Privacy Regulations

Our practices are designed to comply with relevant data privacy regulations, ensuring your information is handled responsibly and legally.

Security Best Practices

We follow industry-recognized security best practices and frameworks to ensure our systems meet or exceed standard security expectations.

Frequently Asked Security Questions

Who can see my child's information when a QR code is scanned?

When someone scans your child's QR code, they don't see any personal information. They only see a secure interface to report the item as found, which then sends you a notification through our system. Personal contact information is never revealed to the finder.

How is location information handled when an item is found?

Location information is only collected at the moment an item is reported found, and only with the finder's permission. This information is used solely to help you locate your lost item and is not used for any other purposes.

Can schools access all parent and student information?

School administrators only have access to the information necessary to manage the lost and found system efficiently. They cannot access personal communications between parents and finders or detailed contact information beyond what parents have explicitly shared with the school.

How long do you keep data about lost and found items?

Data about lost and found items is retained as long as your account is active or as needed to provide our services. You can request deletion of specific lost and found records or your entire account data at any time through your account settings.

Still Have Questions About Security?

We're committed to transparency about our security practices. If you have additional questions or concerns, our team is here to help.