PPCexpo Security

We take security very seriously; we use maximum security standards to keep your account and data safe.

Secure Access

PPCexpo servers can only be accessed via HTTPS protocol by using Secure Socket Layer (SSL) security standard to ensure all data is authenticated and encrypted. SSL ensures incoming and outgoing web traffic is safe from security threats. SSL protects sensitive information like login, password, account details, etc.

No Access to Your Password

We do not have access to your password; therefore your password cannot be stored. By using OAuth authorization standard, once you have authenticated yourself with a data provider (e.g. Google), the provider grants a limited scope (access and duration) Token to PPCexpo. We store and use the Token to fetch data on your behalf and generate a report for you. You are always in control; you can revoke the Token anytime you want.

Data Is Not Stored Long Term

After your data is retrieved from a provider (e.g. Google), we process it to generate a report for you. Once the report generation process is complete, we delete the data. We do not store your data long term.

Cross-Site Scripting (XSS)

All user inputs in PPCexpo are properly encoded to ensure XSS vulnerabilities are avoided

Cross-Site Request Forgery (CSRF)

All POST requests in PPCexpo are checked for CSRF token before processing the request

SQL Injection

PPCexpo uses stored procedures and ensures to call them through safe SQL commands from the application server to avoid SQL injection