Security

KnowLocal by GroLocal (operated by Infonaut Ltd) takes the security of your data seriously. This page summarises the main measures we take. It isn't a certification, but an honest description of how the service is built.

1. Data protection

• Encryption in transit — the whole site is served over HTTPS/TLS.
• No card data — payments for KnowLocal Plus are handled by Stripe; we never receive or store your card number.
• Data minimisation — we store only what we need (your email, the business you asked about, and your results) and delete it on a schedule or on request.
• Managed infrastructure — hosting, database and storage run on Cloudflare's platform, with data encrypted at rest.

2. Access & abuse protection

• Email verification (OTP) gates access to reports, so they stay private to you.
• Rate limiting and usage caps protect the service from abuse and automated attacks.
• Least-privilege admin access, protected by a separate one-time-code sign-in.
• Error monitoring helps us detect and fix issues quickly.

3. Responsible disclosure

If you believe you've found a security vulnerability, please email privacy@knowlocal.io with details before disclosing it publicly. We'll acknowledge your report, investigate promptly, and keep you updated. We're grateful to researchers who help us keep customers safe.

4. Related

See our Privacy & Cookie Policy and GDPR & data processing page for how we handle personal data.