Access control
Client and founder routes require authentication. Founder permissions are checked server-side, and administrative changes are recorded in an audit log.
Trust Center · Verified 13 July 2026
This page describes the safeguards currently implemented in the Nanoneuron platform and the delivery commitments defined through paid commercial agreements.
Client and founder routes require authentication. Founder permissions are checked server-side, and administrative changes are recorded in an audit log.
Software begins only after agreed payment. Audit execution requires a paid invoice tied to the correct product, and each single-scan entitlement can be used once.
The platform applies rate limits, secure headers, input validation, password hashing, payment-signature verification, restricted CORS, and SSRF defenses for website scans.
Production data is stored in PostgreSQL. Secrets are kept outside source code, sensitive founder APIs are private, and public error responses avoid exposing internal details.
Releases pass automated tests, linting, type checks, production builds, database migrations, deployment health checks, and public-route smoke tests.
Customer names, testimonials, certifications, uptime claims, and business outcomes are published only when they are verified and authorized.
Scope, acceptance criteria, milestones, ownership, response windows, support periods, and exclusions are written in the proposal or contract. Marketing pages do not override signed terms.
Report security, privacy, billing, or delivery concerns to service@nanoneuron.ai. Include the affected URL or invoice identifier, impact, and safe reproduction details. Do not send passwords or payment credentials.