Security & Privacy
Your data security and privacy are our top priorities. We adhere to international standards and regional regulations.
View our full Data Protection Framework βππ° PDPO Compliance
We fully comply with the Personal Data (Privacy) Ordinance (PDPO) of Hong Kong, which governs how personal data is handled.
- βData collection transparency
- βUser consent management
- βData retention policies
- βRight to access and correction
- βData subject rights protection
π Cross-Border Data Compliance
As a Hong Kong-registered entity processing data submitted by clients operating across multiple jurisdictions, SneakersLite's data handling practices align with:
- βHong Kong Personal Data (Privacy) Ordinance (PDPO)
- βChina Personal Information Protection Law (PIPL)
- βChina Data Security Law (DSL)
Client data submitted via API is processed solely for authentication purposes. Cross-border data transfers are conducted in accordance with applicable legal requirements in each operating jurisdiction.
π Data Ownership & Usage
Clients retain full ownership of all images and authentication reports submitted through the SneakersLite API. Submitted data is used exclusively for:
- βDelivering contracted authentication results
- βAnonymised model training to improve authentication accuracy (with client consent per service agreement)
Client data is never sold, disclosed to third parties, or used outside the scope of the contracted service.
π Data Protection
Enterprise-grade security measures protect your authentication data and personal information.
- βEnd-to-end encryption
- βRegular security audits
- βSecure API endpoints
- βAccess control & monitoring
- βIncident response plan
AWS Infrastructure
| Component | Provider | Region | Encryption |
|---|---|---|---|
| Servers | AWS EC2 | APAC | AES-256 |
| Database | AWS RDS | APAC | AES-256 |
| Storage | AWS S3 | APAC | AES-256 |
| CDN | AWS CloudFront | Global | TLS 1.3 |
| DDoS Protection | AWS Shield | Global | N/A |
| SSL/TLS | AWS ACM | Global | TLS 1.3 |
Security Standards & Compliance Frameworks
SneakersLite actively aligns its security practices to the following internationally recognised standards as part of our ongoing commitment to data protection. We are working toward formal certification as the platform scales.
ISO 27001
Information Security Management (aligned practices)
SOC 2
Service Organization Controls (aligned practices)
PCI DSS
Payment Card Industry Data Security Standard (aligned practices)
Security Questions?
Contact our security team for any inquiries about our privacy practices and security measures.