Your store is safe with us
Security isn't an add-on at Ecomplify — it's built into every store. From DDoS mitigation and always-on SSL to GDPR-aligned data handling and PCI-DSS payments, here's how we protect you and your customers.
Real-time monitoring across our services.
DDoS protection
Every store sits behind an enterprise-grade edge network that absorbs and filters volumetric and application-layer attacks automatically — so your storefront stays online during traffic spikes and attacks alike.
Free & managed SSL
Every store — free subdomain or custom domain — gets an automatically issued and renewed SSL/TLS certificate. Need an organization-validated or premium certificate? We support paid SSL too. All traffic is HTTPS by default.
PCI-DSS payments
We never store raw card numbers. Payments run through PCI-DSS Level 1 certified gateways — Stripe, PayPal and Razorpay — so sensitive card data is tokenized and handled by the experts, keeping your compliance burden minimal.
AWS-grade hosting
Your store and customer data is hosted on AWS with encryption in transit (TLS 1.2+) and at rest, backed by automated backups and continuous monitoring.
GDPR-aligned privacy
Explicit opt-in for marketing, one-click unsubscribe, and honored data-subject requests (access, export, deletion). We sign standard Data Processing Agreements with our sub-processors (AWS, Cloudflare).
Hardened infrastructure
Encryption in transit (TLS 1.2+), least-privilege access to systems, isolated environments and continuous monitoring. Built on AWS and a global edge — the same foundations the largest stores rely on.
Compliance & your data rights
- GDPR: data minimization, explicit marketing consent, and the right to access, export or delete your data on request.
- Hosting & encryption: data is hosted on AWS and encrypted in transit and at rest; international transfers rely on standard contractual safeguards.
- Sub-processors: we operate on AWS and Cloudflare under their standard Data Processing Agreements.
- PCI-DSS: card data is handled exclusively by PCI-DSS Level 1 certified payment providers — we never store card numbers.
This page summarizes Ecomplify's security practices for general information and does not constitute a contractual warranty or legal advice. For questions about security, compliance or a Data Processing Agreement, contact [email protected].