Our approach
Security is a baseline, not a feature. We build JanusLabs on top of industry-trusted infrastructure providers and follow standard practices for protecting customer data.
Data in transit and at rest
All connections to JanusLabs are encrypted in transit. Your account data, files, and content are encrypted at rest by our infrastructure providers.
Authentication
Sign-in is handled through trusted third-party providers — we never see or store your password. Sensitive actions are re-verified on the server before they run.
Payments
Card details, CVCs, and other payment instruments are handled exclusively by our payment processor. JanusLabs never sees or stores full payment information.
Access controls
Production access is tightly limited to the people who operate the service, and protected by multi-factor authentication. Customer data is only accessed for support, safety, or legal reasons.
Backups
We back up customer data regularly and can roll back the application to a previous version quickly if needed.
Reporting a vulnerability
If you believe you've found a security issue in JanusLabs, please report it to support@januslabs.dev with the subject line SECURITY. Please:
- Give us a clear description and steps to reproduce.
- Avoid testing techniques that could damage data or degrade service for other users.
- Give us reasonable time to investigate and fix before public disclosure.
We don't currently run a paid bounty program, but we'll credit researchers who report responsibly and want public recognition.
What we don't do
- We don't sell your data to advertisers.
- We don't train our own AI models on your prompts or content without explicit, separate consent.
- We don't store payment card details.