Trust & Security
This page is maintained by HerAmino to answer common security and privacy questions about the HerAmino and HisAmino storefronts. It describes controls currently in place; it is not a third-party certification or independent audit.
Accounts & authentication
- Accounts are protected with email and password sign-in.
- Passwords are stored as salted hashes by our managed authentication provider — never in plain text.
- Sign-in sessions are scoped to your browser and can be revoked at any time by signing out from the account page.
- Administrative functions are restricted to designated staff accounts using role-based access control.
Data protection
- All traffic to the site is served over HTTPS/TLS.
- Customer data is stored in a managed Postgres database with row-level security policies that restrict each record to the account that owns it.
- Sensitive internal endpoints are protected by request authentication and signed webhook verification.
Payments
Card and wallet payments are processed by our third-party payment providers. Full card numbers and CVV codes are never sent to or stored on HerAmino servers.
Subprocessors & integrations
We rely on reputable infrastructure and service vendors for hosting, email delivery, payments, and order fulfillment. For a current list, please contact support@heramino.co.
Privacy & data requests
You can request access, correction, or deletion of your personal data at any time by emailing support@heramino.co. See our Privacy Policy for full details on what we collect and how it is used.
Cookies & analytics
We use essential cookies to keep you signed in and to remember your cart, plus limited analytics to understand site usage. We do not sell personal data.
Reporting a security issue
If you believe you have found a security vulnerability affecting HerAmino, please email support@heramino.co with steps to reproduce. We appreciate responsible disclosure and will respond as quickly as we are able.
Shared responsibility
Security is a shared responsibility. We work to keep the platform and your data secure; you can help by using a strong, unique password, keeping your email account secure, and signing out from shared devices.