Encryption and transport security
The platform uses HTTPS/TLS to protect data in transit between your device and our services.
Authentication and session controls are used to reduce unauthorized access risk.
Payment security
Payments are processed by PCI-compliant payment providers, including Stripe and/or Creem where enabled.
Aslax does not store full payment card numbers or CVV on its own servers.
Access controls and monitoring
We apply least-privilege access to internal systems and sensitive operational data.
Operational logging and monitoring are used to detect fraud, abuse, and anomalous activity.
The service runs on managed cloud infrastructure with layered protections across network, application, and storage boundaries.
Two-factor authentication (2FA) using TOTP is available for supported account security and sensitive admin verification flows.
Generated media exports pass through a provenance-stamping layer that writes machine-readable origin markers into supported file formats before delivery.
- Periodic internal access reviews
- Security and reliability alerts for high-risk signals
- Account restriction and enforcement when abuse or fraud risk is detected
- Production backup, redundancy, and recovery controls
Vendor security and reporting
External vendors, including model, infrastructure, AI moderation, and billing providers, are reviewed for security and operational suitability.
Security vulnerability reports: aslan@aslax.eu
General customer support: support@aslax.eu
Credential responsibility
You are responsible for protecting your account credentials and access devices.
Additional verification checks may be required when risk is reasonably elevated.