Security & Compliance

We practice what we preach. Our internal security posture is built on zero-trust principles and rigorous defense-in-depth strategies.

Data Encryption

All sensitive data is encrypted at rest (AES-256) and in transit (TLS 1.3).

SOC 2 Type II

We are currently undergoing our SOC 2 Type II observation period.

GDPR Compliant

Full compliance with GDPR & CCPA. We process data only with explicit consent.

Regular Audits

Our smart contracts and infrastructure undergo quarterly third-party audits.

Responsible Disclosure

If you believe you have found a security vulnerability in Descry, please let us know right away. We investigate all reports and do our best to quickly fix valid issues.

Please email security@descry.app. You can use our PGP key for sensitive communications.

-----BEGIN PGP PUBLIC KEY BLOCK-----
Comment: User ID:	Maciej Dmowski Halopeau <maciej@descry.app>
Comment: Valid from:	2/18/2026 8:57 AM
Comment: Valid until:	2/18/2029 12:00 PM
Comment: Type:	255-bit EdDSA (secret key available)
Comment: Usage:	Signing, Encryption, Certifying User IDs
Comment: Fingerprint:	269D 209F E0C1 23BF A0AD  CE64 DA13 93FB 2A64 4DBD


mDMEaZVw6xYJKwYBBAHaRw8BAQdAHFrPt016RXVpqLDbZ/6hd5MKV70sMrznhtnf
oUiG/lS0K01hY2llaiBEbW93c2tpIEhhbG9wZWF1IDxtYWNpZWpAZGVzY3J5LmFw
cD6ItQQTFgoAXRYhBCadIJ/gwSO/oK3OZNoTk/sqZE29BQJplXDrGxSAAAAAAAQA
Dm1hbnUyLDIuNSsxLjExLDIsMQIbAwUJBaUWxQULCQgHAgIiAgYVCgkICwIEFgID
AQIeBwIXgAAKCRDaE5P7KmRNvfVMAQDe5UtTm+KJm4k6XaE1yjAGbJ7QVaZJH/sp
+Hv9NoOH2wD+K79aIYw0aevH/4wemMHOfAyg8Sdh22oQXnblkUDaBQC4OARplXDr
EgorBgEEAZdVAQUBAQdARPRmFmVrvD0xR1QDtNWB1buAE2ksBVyPjLR5Ys9OJAYD
AQgHiJoEGBYKAEIWIQQmnSCf4MEjv6CtzmTaE5P7KmRNvQUCaZVw6xsUgAAAAAAE
AA5tYW51MiwyLjUrMS4xMSwyLDECGwwFCQWlFsUACgkQ2hOT+ypkTb2PHwD/bREg
exnyyM1rrMHRa93w96hNleE978CBovE55c6o3nsBANpx5Eub3/2OfLm8HjFOMtSE
u9JCCACN5siivMcPQi0E
=03PT
-----END PGP PUBLIC KEY BLOCK-----