Compliance & Trust

Regulatory compliance & data protection

We design our systems and processes to safeguard user data, prevent abuse, and ensure payments and review activity are auditable and fair. This page summarizes our core practices for security, privacy, and operational controls.

Contact compliance Read terms

ISO-like

Control framework & periodic audits

Escrow

Funds held until review approval

Logs

Immutable activity & payment logs

Data protection

We limit collection of personal data and hold it only as long as necessary. Our storage is encrypted and access is strictly controlled. We provide user rights to access, export and delete their personal data on request.

Encryption in transit (TLS) and at rest (AES-256 or equivalent)
Least-privilege access controls and regular access reviews
Data retention policies and secure deletion processes

Financial controls & payments

Platform funds (campaign payments) are tracked in an auditable ledger. Reviewer payouts are only released after moderation; withdrawals require manual or automated approval flows to avoid duplicate payouts.

Escrow model — buyer funds are reserved until approvals complete
Transaction ledger with unique references, timestamps and status changes
Manual review step for high-value payouts to reduce fraud risk

Moderation & abuse prevention

We combine automated checks and human moderators. Policy violations lead to rejection, warnings, or account suspension.

Evidence requirement (screenshots, URLs) for submissions
Rate limits, pattern detection and duplicate submission filters
Appeals process and dispute resolution logs

Auditability & logs

Every moderation decision, transaction update and wallet change is logged. Logs are retained and available for internal audits and dispute resolution.

Immutable transaction records with timestamps and actors
Admin action logs (who approved/changed statuses)
Exportable reports for compliance checks

Operational best practices

Our security and compliance program includes documented processes, periodic reviews, incident handling playbooks, and vendor assessments.

Incident response

We maintain a playbook for data incidents and notify affected parties per applicable law.

Vendor risk

Third-party services are assessed for security & privacy before integration.

Periodic audits

We run regular internal reviews and engage external assessors as required.

Frequently asked

Common questions about data and payout safety.

How do I request data deletion? — Use account settings or contact support and we will process per policy.
What prevents double payouts? — Transaction statuses, locked rows and admin approvals prevent duplicate processing.
Are payouts insured? — We partner with payment processors; buyer funds are tracked and reconciled.

Contact compliance team

For legal, data or audit requests, contact our compliance team. Use the form or email us for formal inquiries.

Email: compliance@sigmaboss.com

Support: Open a support ticket