Security Policy

Last updated: May 26, 2026

At Momento App, protecting user memories and personal information is a top priority. We implement modern security practices and infrastructure safeguards to help keep your data secure.

Infrastructure Security

Momento App uses secure cloud infrastructure providers including:

  • Amazon Web Services
  • Cloudinary

These providers maintain globally recognized security and compliance standards.

Data Encryption

All user data is protected using encryption technologies including:

  • TLS/SSL encryption for data transmitted over the internet
  • AES-256 encryption for stored content and backups

This helps protect uploaded photos, videos, and account information.

Access Controls

We use strict authentication and authorization measures, including:

  • Role-based access permissions
  • Secure credential handling
  • Limited internal data access
  • Administrative access protections

Only authorized systems and personnel may access operational data when necessary.

Monitoring and Threat Detection

We actively monitor platform activity to detect:

  • Unauthorized access attempts
  • Malicious activity
  • Fraudulent usage
  • Service abuse
  • Infrastructure vulnerabilities

Security updates and patches are applied regularly.

Incident Response

If a security incident occurs, we aim to:

  1. Investigate the issue promptly
  2. Contain and mitigate risks
  3. Notify affected users when legally required
  4. Improve safeguards to prevent recurrence

User Responsibilities

Users also play a role in maintaining account security. We recommend:

  • Using strong passwords
  • Protecting event invite links
  • Avoiding unauthorized sharing of private content
  • Keeping devices updated

Responsible Disclosure

If you discover a security vulnerability, please report it responsibly to:

security@sharemomento.app

We appreciate good-faith security research and will investigate all legitimate reports.