Security at NicheMaps
How we protect your account and data. Security is a shared responsibility we take seriously.
Encryption everywhere
All traffic is served over TLS (HTTPS). Data at rest — including our database and object storage — is encrypted with AES-256.
Least-privilege access
Services run with scoped IAM roles and access only the resources they need. Secrets live in a managed parameter store, never in code.
Managed cloud infrastructure
We run on AWS (S3, CloudFront, Lambda, DynamoDB) with automated patching and isolation between components.
Payment security
Card details are handled entirely by Stripe, a PCI-DSS Level 1 provider. We never see or store your full card number.
Minimal data collection
We collect only what's needed to run your account. We never sell your personal data.
Backups & resilience
Core data is durably stored with point-in-time recovery, and static assets are globally cached for availability.
Reporting a vulnerability
We welcome responsible disclosure. If you believe you've found a security issue, please email support@orbian.net with details and steps to reproduce. Please give us a reasonable window to investigate and remediate before any public disclosure. We appreciate your help keeping the platform safe.
Data sources & compliance
Ad-creative data is sourced from public, regulator-mandated transparency centers (Google Ads Transparency Center, Meta Ad Library). App catalog and metric data come from public store listings. We link back to the original sources so any data point can be independently verified.