Legal & Trust

Security

We take security seriously. This page describes practical measures we use to protect your account and data.

Last updated: July 5, 2026

Account security

Accounts are protected by authentication controls, secure session handling, and access restrictions. Use a strong, unique password and keep your login credentials private. Sign out on shared devices.

Email verification

Email verification helps confirm account ownership and reduces unauthorized signups. Certain sensitive actions may require a verified email address.

Google OAuth

When Google sign-in is enabled, authentication is handled through Google's OAuth flow. We receive limited profile information needed to create or link your account — not your Google password.

Password hashing

Passwords are stored using industry-standard one-way hashing — not in plain text. We never ask for your password by email.

Role-based access

Internal features use role-based access controls so users only see data and actions appropriate to their account type. Admin capabilities are restricted to authorized personnel.

Admin access controls

Administrative access to production systems is limited, logged where practical, and used only for support, maintenance, and security operations.

Payment secrets handled by providers

Payment card data and sensitive billing credentials are processed by third-party payment providers. Freelance OS does not store full card numbers on our servers.

AI provider keys protected

API keys for AI providers are stored server-side and are not exposed to client browsers. AI requests are routed through our backend infrastructure.

Infrastructure security

We apply practical infrastructure protections including:

  • HTTPS for data in transit
  • Environment-based secrets management
  • Regular dependency updates where feasible
  • Monitoring and error logging for incident response

We do not claim SOC 2, ISO 27001, or similar certifications unless explicitly published elsewhere with verification.

Reporting vulnerabilities

If you discover a security issue, please report it responsibly to security@getfreelanceos.com. Include steps to reproduce and avoid public disclosure until we have had a reasonable time to investigate. We appreciate good-faith reports.

Related policies

For data handling details, see our Privacy Policy, Subprocessors, and Trust Center.

Questions? Visit our contact page or explore the Trust Center.