ECEscrows Clickescrows.click
Trust Center

Trust, Security & Privacy

This page is maintained by the Escrows Click team to answer common security and privacy questions about escrows.click.

Sign Up & Create a DealPriority Support · @escrowsclick

A note on scope

Escrows Click is a manual escrow facilitator. This page describes the controls we have enabled today and how we handle customer data. It is editable content maintained by us and is not an independent certification or audit attestation.

Access & authentication

  • Email + password sign‑in with password strength checks at registration.
  • Email verification before sensitive account actions.
  • Row‑level security on every customer‑data table: signed‑in users can only read or modify rows they own, or rows for deals they are a party to.
  • Admin actions are gated by a server‑side role table, never by client claims.

Data we collect

  • Account: email, optional display name / username, optional avatar and bio.
  • Deal metadata: counterparties, item description, amounts, status, timestamps.
  • Payment proof artifacts (transaction hashes, optional screenshots) and delivery proof artifacts you upload.
  • Reputation signals derived from your completed deals and counterparty reviews.

Sensitive fields such as your email address and payout details are never exposed on your public trader profile. Public profiles show only username, display name, avatar, bio, join date, reputation, badges and (unless you opt out) aggregate volume and recent deal history.

Storage & file handling

  • Payment proofs and delivery proofs are stored in private buckets — they are never served from a public URL.
  • Access to a proof file is limited to the parties of the deal it belongs to and authorized staff.

Subprocessors & integrations

  • Lovable Cloud (managed Supabase) — database, authentication and file storage.
  • Optional outbound channels you choose to use (e.g. Telegram for priority support).

We do not sell customer data. We share data with subprocessors only as required to run the service.

Retention & deletion

Deal records are retained while your account is active so both parties keep a tamper‑evident history. You can request deletion of your account by contacting us; we will redact personal identifiers while preserving anonymized deal records needed for dispute resolution and accounting.

Reporting a security or privacy concern

Please reach us on Telegram at @escrowsclick. Include a clear description and, when relevant, reproduction steps. We acknowledge reports as quickly as we can and triage suspected vulnerabilities first.

What this page is not

  • Not a SOC 2, ISO 27001, PCI, HIPAA or GDPR compliance attestation.
  • Not a guarantee that no incident can ever occur.
  • Not a substitute for our Terms, Privacy Policy or Escrow Agreement.