How We Protect Your Data
Last Updated: DATE
Your privacy and the security of your precious metal holdings are our highest priorities. NomismaSafe was designed from the ground up to protect your personal information, your asset records, and your account access. Below is a clear overview of the safeguards we use to keep your data secure.
1. Your Password Is Never Visible to Anyone
- Passwords are stored using strong, one-way cryptographic hashing.
- No one at NomismaSafe can view, decrypt, or retrieve your password.
- Password resets require user verification and cannot reveal the old password.
2. Personal Information Is Encrypted
Your sensitive personal data is encrypted in our database using AES-256 encryption, the same security standard used by major financial institutions.
- Names, emails, phone numbers, and profile details are encrypted before storage.
- Encryption keys are stored securely outside the database and outside webroot.
- Even if the database were compromised, encrypted data remains unreadable.
3. Asset Data Is Kept Private
We intentionally separate identity information from asset data to protect your privacy.
- Asset records do not contain personal details.
- Sensitive notes you add may also be encrypted.
- No one outside your account can see your holdings.
4. Two-Factor Authentication (2FA)
Your account can be protected with TOTP-based 2FA (Google Authenticator, Authy, 1Password).
- With 2FA enabled, a stolen password alone is not enough to access your account.
- 2FA adds a required, time-based security code at login.
- We never see or store your 2FA codes.
5. Secure Payment Processing
- All payments are handled by trusted PCI-compliant processors such as Stripe.
- NomismaSafe never stores full credit card numbers.
- Billing information is encrypted and access-restricted.
6. Limited and Logged Admin Access
To operate the service safely, authorized NomismaSafe staff may access limited data only when necessary for:
- Customer support
- Billing or subscription issues
- Security investigations
All admin access is:
- Restricted to authorized employees
- Encrypted where appropriate
- Logged and auditable
7. Your Control Over Your Data
- You may update your personal information at any time.
- You can export your asset data for personal records.
- You can request account deletion if you choose to leave NomismaSafe.
8. Questions?
If you have any questions about data protection or privacy, contact us anytime at: