Weje security & compliance

Your data is our responsibility, and we are committed to protecting it from unauthorized access. Here are the measures we take to ensure Weje is secure for you and your team.

Secure infrastructure

Weje uses Google Firebase infrastructure to provide storage, cloud functions, and cloud messaging. Weje also employs Firebase API to connect the application with platform features. This is designed to follow international security standards and regulations, while protecting confidentiality, data sovereignty, and data privacy regulations.

Data protection

Your data is encrypted at rest and in transit.

In transit, all network communications between users’ browsers and the Weje platform use TLS v1.2. We use TLS everywhere, within the data center and out, and support both 128­ and 256-bit configurations, depending on the browser.

At rest, your data is encrypted with AES-256. Passwords are stored hashed.

Payment information

Payment information is not stored by Weje. All payments made to HyperTech Inc, Weje’s owner, go through our partner, Stripe, a PCI compliant platform for payments, subscriptions, and invoicing.

Account access

We verify account access through both email/password­-based authentication and Google Accounts authentication via OAuth 2.0.

Report a vulnerability

We take security seriously. If you discover any security vulnerability in Weje, please submit your report and we’ll do our best to fix it as soon as possible. For additional assistance, contact us by e-mail

Data privacy

We align our data protection and privacy practices with regulatory requirements. Our Privacy policy is dedicated to ensuring that all customer and employee personal data is treated in accordance with the CCPA and GDPR.

The California Consumer Privacy Act (CCPA) 2018

Weje does not sell your data, is compliant with the service provider requirements, and is ready to fulfill any CCPA requests.

EU General Data Protection Regulation (GDPR)

Weje respects all laws that apply to our business, including GDPR. Weje appreciates that customers have rights under GDPR, and we are committed to respecting those rights.

Workspace deletion

A workspace can be deleted at any time from the account settings menu. Upon requesting to delete a workspace, all content will immediately become inaccessible. After 30 days, the content will be deleted from our servers and can no longer be recovered.