Security

Last Updated: May 2026

Security Program

Grievyn maintains a risk-based security program designed to protect the confidentiality, integrity, and availability of memorial pages, account information, and payment-related records. Our approach uses layered safeguards, operational controls, and monitoring practices appropriate for the nature of the service and the sensitivity of the information we process.

Data Protection and Infrastructure

We protect data in transit using HTTPS/TLS and use access controls, environment separation, logging, monitoring, backups, and provider security controls to reduce unauthorized access, loss, or misuse. Access to production systems is limited to authorized personnel and service providers with a legitimate operational need.

Payments and Third-Party Providers

Payments are processed by trusted third-party payment providers. Grievyn does not store full card numbers on our servers. We rely on payment processors, hosting providers, storage providers, analytics tools, and other vendors to help operate the platform, and we use reasonable vendor review and configuration practices to reduce risk.

Account Safety and Incident Response

Users are responsible for using strong passwords, protecting account access, limiting access-link sharing, and notifying us about suspicious activity. We may investigate unusual behavior, restrict access, revoke tokens, remove harmful content, or take other protective steps when needed. If we identify a security incident affecting personal information, we will assess the issue and provide notices where required by applicable law.