Security & Privacy

Your data security is our top priority. Learn how we protect your information.

Security First

Mikah is built with security at its core. We employ industry-standard encryption, secure authentication, and regular security audits to ensure your data remains protected at all times.

How We Protect Your Data

AES-256-GCM Encryption

All sensitive data is encrypted at rest using AES-256-GCM, the same standard used by banks and government agencies.

HTTPS Everywhere

All data in transit is encrypted with TLS 1.3. We enforce HTTPS on every connection with HSTS headers.

Secure OAuth

TikTok integration uses OAuth 2.0. We never see or store your TikTok password — only secure access tokens.

Password Hashing

User passwords are hashed using bcrypt with per-user salts. Even in the unlikely event of a breach, passwords remain protected.

Rate Limiting

API rate limiting protects against brute-force attacks and abuse. Authentication endpoints have additional restrictions.

Security Headers

We implement comprehensive security headers including CSP, X-Frame-Options, X-Content-Type-Options, and Referrer-Policy.

GDPR Compliance

Right to Access

Request a copy of all personal data we hold about you at any time.

Right to Deletion

Request complete deletion of your account and all associated data.

Data Portability

Export your data in a machine-readable format at any time.

Data Retention

Soft-deleted data is permanently removed from our systems after 90 days.

Payment Security

All payments are processed through Stripe, a PCI-DSS Level 1 certified payment processor — the highest level of certification available. We never store, process, or have access to your full credit card details.

PCI-DSS Level 1 certified
No card details stored on our servers
Encrypted payment processing

Report a Security Issue

Found a vulnerability? We take security reports seriously and will respond within 24 hours.