Security & Trust

Digital Visionworks LLC ("we", "our") is committed to protecting the security and privacy of your data. This page outlines the measures we take to secure the Clockwork Venue service ("Service") and keep your information safe.

We implement robust safeguards to protect your data.

• Encryption in Transit: All data transmitted between your device and our servers is encrypted using industry-standard HTTPS/TLS (Transport Layer Security).
• Encryption at Rest: Data stored in our databases is encrypted at rest by our infrastructure providers (Google Cloud), protecting it from physical or logical unauthorized access.
• Credential Security: We enforce secure password policies and store credentials using modern, salted hashing algorithms.

Access to data within Clockwork Venue is governed by role-based access controls (RBAC). Roles such as DJ, Manager, and Owner have specific permissions to ensure users can only access the information necessary for their function. We follow the principle of least privilege.

Clockwork Venue is hosted on Google Firebase, a platform with a robust security posture and compliance certifications (including SOC 2, ISO 27001). We perform regular automated backups to ensure data can be recovered in case of a disaster.

We strive for high availability and have monitoring in place to detect issues. In the event of a security incident, our team will take immediate steps to contain the threat, investigate the cause, and notify affected parties as required by law.

If you suspect an urgent security issue, please contact us at security@clockworkvenue.com.

We use trusted third-party service providers to help us deliver the Clockwork Venue service. These subprocessors are vetted for their security and privacy practices.

• Google Cloud / Firebase: Cloud infrastructure, database, and hosting.
• Stripe: Secure payment and subscription billing.

This list may be updated as our service evolves.

We encourage responsible disclosure of security vulnerabilities. If you believe you have found a vulnerability, please report it to us at security@clockworkvenue.com so we can investigate and address it promptly. We do not currently offer a bug bounty program.

For information on how to access, export, or request deletion of your personal data, please refer to our Privacy Policy or contact us at privacy@clockworkvenue.com.