Supershot

Trust Center

Everything you need to know about security and compliance at Supershot.

Last Updated: December 4, 2025

Our Commitment to Security

At Supershot, we take the security and privacy of your data seriously. This Trust Center provides transparent information about our security practices, policies, and compliance measures.

We implement comprehensive security controls across all aspects of our operations, from access management and data protection to infrastructure security and vulnerability management.

Access Control & Authorization

Access Granting Process

Supershot maintains a formal access granting process to ensure security and proper authorization:

  • Centralized Approval: All access privileges are reviewed and approved by the Chief Technology Officer (CTO)
  • Ticketing System: Access requests are submitted through our internal ticketing system, creating an auditable trail
  • Least Privilege Principle: Users are granted the minimum permissions necessary to perform their job functions
  • Management Review: All access grants require management approval before implementation
  • Regular Review: Access privileges are reviewed to ensure they remain appropriate for each user's role

Account Inventory

We maintain a comprehensive inventory of all user accounts:

  • Centralized Database: All user accounts tracked in an internal database system
  • High-Risk Vendor Tracking: Accounts on high-risk vendor platforms are included
  • Essential Account Details: Includes account owners, access privileges, roles, and vendor relationships
  • Dynamic Updates: Updated with access requests and changes for accuracy
  • CTO Oversight: Direct oversight ensures completeness and accuracy

Regular Access Reviews

Access reviews ensure permissions remain appropriate:

  • Event-Triggered Reviews: Conducted whenever employees experience role changes
  • CTO-Led Process: Chief Technology Officer oversees all access reviews
  • Structured Removal: Ticket-based workflow ensures systematic deactivation
  • AI-Assisted: AI-based assistants help identify access anomalies
  • Proactive Management: Prevents unauthorized access retention as roles evolve

Multi-Factor Authentication

MFA protects privileged access to our systems:

  • Admin-Level Protection: Required for all administrator accounts across all systems
  • Authenticator App Support: Industry-standard TOTP authenticator applications
  • Comprehensive Coverage: Enforced for both application and infrastructure administration
  • API Key Exceptions: Automated systems use securely managed API keys
  • Defense in Depth: Multiple authentication factors significantly reduce unauthorized access risk

Password Management

Strict password requirements through Django's validation system:

  • User Attribute Similarity Validation: Passwords cannot be too similar to user information
  • Minimum Length Requirements: Enforced minimum password length standards
  • Common Password Validation: Prevents use of commonly-used passwords
  • Numeric Password Validation: Ensures passwords aren't entirely numeric
  • Technical Enforcement: Automatically enforced at the application level for all accounts

Data Management & Protection

Data Inventory

Data Types Stored:

  • User Account Information (credentials, names, emails, roles)
  • Organization Data (company names, configurations, billing information)
  • Team Member Information (employee data, email addresses)
  • Photoshoot Data (uploaded photos, AI-generated images, metadata)
  • AI Model Data (trained models, processing results)
  • Payment Information (managed through Stripe - card details stored exclusively by Stripe)
  • API Integration Data (HR system connections)

Storage Locations:

  • PostgreSQL Database: User accounts, organizational data, metadata
  • Local File System: Temporary processing files, model training inputs
  • AWS S3: Uploaded photos and AI-generated images (encrypted at rest)

Data Classification: All user-submitted data is classified as sensitive and protected with encryption at rest and in transit, access controls, and organizational isolation.

Data Retention Policy

Standard Data Retention:

  • Account Closure: Customer data deleted immediately upon account closure
  • Photos and Images: Retained until account deletion or upon customer data deletion request
  • System Logs: Retained for 50 days through automated log rotation

Extended Retention for Compliance:

  • Accounting and Financial Records: Retained for 10 years in accordance with legal requirements
  • Audit Trail Requirements: Financial audit trails follow applicable legal retention requirements

Data Deletion Process:

  • Customer requests handled through manual review process
  • Verification and execution ensures complete data removal
  • Legal compliance maintained for required records

Encryption at Rest

Multiple encryption layers protect stored data:

  • AWS S3 Encryption: All uploaded images and files stored with server-side encryption enabled by default
  • Database Encryption: PostgreSQL database supports encryption at rest through AWS RDS encryption
  • Secure File Storage: Files stored with unique identifiers and access controls

Encryption in Transit

All data transmitted to and from Supershot is encrypted using HTTPS/TLS:

  • CSRF Cookie Security: Secure cookies that only transmit over HTTPS
  • Session Cookie Security: Session data encrypted and transmitted only over secure connections
  • Proxy SSL Headers: Proper SSL termination at load balancer with secure forwarding
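
The Django settings behind the Password Management section above and the cookie and proxy points in this Encryption in Transit section, written here as an added example rather than Supershot's own configuration. The validator option values, the 12-character minimum and the HSTS lifetime are assumptions; the validator class paths and setting names are Django's.

```python
# Added example, not Supershot's configuration: Django settings implementing
# the four password validators and HTTPS-only cookie/proxy behaviour.
# Option values (user_attributes, min_length, HSTS lifetime) are assumptions.
AUTH_PASSWORD_VALIDATORS = [
    {   # rejects passwords that resemble the user's own attributes
        "NAME": "django.contrib.auth.password_validation.UserAttributeSimilarityValidator",
        "OPTIONS": {"user_attributes": ("username", "first_name", "last_name", "email"),
                    "max_similarity": 0.7},
    },
    {   # minimum length (Django's default is 8)
        "NAME": "django.contrib.auth.password_validation.MinimumLengthValidator",
        "OPTIONS": {"min_length": 12},
    },
    {   # blocks entries from Django's bundled common-password list
        "NAME": "django.contrib.auth.password_validation.CommonPasswordValidator",
    },
    {   # rejects passwords that are entirely numeric
        "NAME": "django.contrib.auth.password_validation.NumericPasswordValidator",
    },
]

# The CSRF cookie carries the CSRF token and the session cookie the session id.
# Secure keeps both off plaintext HTTP; HttpOnly keeps them away from page scripts.
CSRF_COOKIE_SECURE = True
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
SECURE_SSL_REDIRECT = True
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True

# TLS terminates at the load balancer, so Django learns the original scheme from
# the forwarded header. This is only safe when the proxy overwrites
# X-Forwarded-Proto on every inbound request; if a client-supplied value could
# reach Django, a plaintext request would be treated as secure.
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
```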

Disaster Recovery

Business Continuity & Disaster Recovery Policy

Supershot maintains a comprehensive 90-page Business Continuity and Disaster Recovery Policy designed to ensure service resilience and protect customer data.

Recovery Objectives:

  • Recovery Time Objective (RTO): 12 hours maximum for overall service restoration
  • Critical Functions: 6-8 hours (AI headshot generation, customer photo uploads)
  • Recovery Point Objective (RPO): 4 hours maximum data loss (automated 4-hour backups)

Disaster Scenarios Covered:

  • Server Failure: Hardware malfunctions with restoration to backup server
  • Data Center Outage: Regional outages with failover to different geographic location
  • Ransomware Attack: Cybersecurity incidents with recovery from clean backups
  • Data Corruption: Database issues with point-in-time recovery
  • Third-Party Failures: Vendor outages with contingency procedures

Disaster Response Team:

  • Incident Commander: CTO leads all disaster response efforts
  • Technical Response Lead: DevOps Engineer executes recovery procedures
  • Business Continuity Coordinator: COO manages customer communication
  • 24/7 Response: On-call rotation ensures rapid response

Automated Backups

Automated database backups ensure data resilience:

  • Every 4 Hours: PostgreSQL database backed up automatically every 4 hours using pg_dump
  • Compressed Storage: Backups compressed using gzip for efficient storage
  • Tiered Retention: 7 days (4-hour backups), 30 days (daily), 12 months (monthly)
  • Geographic Separation: Backups stored in different geographic region from production
  • Automated Integrity Checks: Each backup verified immediately after creation
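
One way to implement the backup cycle described above, as an added example rather than Supershot's own tooling: pg_dump output is gzip-compressed, verified immediately by full decompression against a stored SHA-256, and pruned on the 7-day, 30-day and 12-month tiers listed. It assumes pg_dump is on PATH with credentials from PG* environment variables or ~/.pgpass; the database name and backup directory at the bottom are placeholders, and the copy to the second region is not shown.

```python
# Added example, not Supershot's own tooling: one 4-hourly pg_dump cycle with
# gzip compression, an immediate integrity check and 7d/30d/12m tiered pruning.
import datetime as dt, gzip, hashlib, pathlib, re, subprocess, zlib

STAMP = re.compile(r"db-(\d{8}T\d{6})\.sql\.gz$")

def dump_database(database: str) -> bytes:
    # Assumes pg_dump on PATH and credentials via PG* env vars or ~/.pgpass;
    # --no-password makes a missing credential fail instead of hang.
    return subprocess.run(["pg_dump", "--no-password", database],
                          check=True, capture_output=True).stdout

def write_backup(dump: bytes, backup_dir, taken_at: dt.datetime) -> pathlib.Path:
    """Compress the dump and store the SHA-256 of the uncompressed bytes beside it."""
    backup_dir = pathlib.Path(backup_dir)
    backup_dir.mkdir(parents=True, exist_ok=True)
    path = backup_dir / f"db-{taken_at:%Y%m%dT%H%M%S}.sql.gz"
    with gzip.open(path, "wb") as fh:
        fh.write(dump)
    pathlib.Path(f"{path}.sha256").write_text(hashlib.sha256(dump).hexdigest())
    return path

def verify_backup(path: pathlib.Path) -> bool:
    """Full decompression catches truncation or corruption; the digest catches a
    dump that was written incompletely or altered after the fact."""
    digest = hashlib.sha256()
    try:
        with gzip.open(path, "rb") as fh:
            for chunk in iter(lambda: fh.read(1 << 20), b""):
                digest.update(chunk)
        expected = pathlib.Path(f"{path}.sha256").read_text().strip()
    except (OSError, EOFError, zlib.error):
        return False
    return digest.hexdigest() == expected

def backup_time(path: pathlib.Path):
    m = STAMP.search(path.name)
    return dt.datetime.strptime(m.group(1), "%Y%m%dT%H%M%S") if m else None

def retention_slot(taken_at: dt.datetime, now: dt.datetime):
    """Slot a backup competes for under tiered retention; None means aged out."""
    age = now - taken_at
    if age <= dt.timedelta(days=7):
        return ("4-hourly", taken_at)                      # keep every one
    if age <= dt.timedelta(days=30):
        return ("daily", taken_at.date())                  # one per day
    if age <= dt.timedelta(days=365):
        return ("monthly", taken_at.year, taken_at.month)  # one per month
    return None

def expired_backups(paths, now: dt.datetime) -> list:
    """Backups that retention no longer needs (the oldest backup wins each slot)."""
    keep = {}
    for p in sorted(paths, key=lambda p: p.name):
        ts = backup_time(p)
        slot = retention_slot(ts, now) if ts else None
        if slot is not None and slot not in keep:
            keep[slot] = p
    kept = set(keep.values())
    return [p for p in paths if backup_time(p) and p not in kept]

if __name__ == "__main__":
    now = dt.datetime.now(dt.timezone.utc).replace(tzinfo=None)
    backup = write_backup(dump_database("supershot"), "/var/backups/pg", now)
    if not verify_backup(backup):
        raise SystemExit(f"integrity check failed: {backup}")
    for old in expired_backups(list(backup.parent.glob("db-*.sql.gz")), now):
        old.unlink()
        pathlib.Path(f"{old}.sha256").unlink(missing_ok=True)
```

The verification runs on the file as written locally, so a copy shipped to the second region should be verified again after transfer.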

Recovery Procedures

Documented recovery procedures in version control:

  • Code Repository Integration: Procedures version-controlled in Git alongside infrastructure code
  • Server Restoration: Step-by-step instructions for recreating server infrastructure
  • Database Recovery: Detailed procedures for restoring PostgreSQL from backups
  • Service Validation: Verification steps to confirm successful restoration
  • AI-Assisted Updates: Procedures maintained using AI assistants based on infrastructure changes

Disaster Recovery Testing

Comprehensive testing schedule ensures disaster recovery readiness:

Quarterly Disaster Recovery Drills:

  • Frequency: Every 3 months (January, April, July, October)
  • Rotating Scenarios: Server failure, database corruption, data center outage, security incident
  • 4-Hour Drills: Full team participation with documented results
  • RTO Validation: Verify recovery within 12-hour target

Monthly Backup Restoration Tests:

  • Frequency: First Tuesday of each month
  • Restore to Staging: Test actual backup restoration process
  • Data Integrity Verification: Confirm restored data is complete and accurate

Annual Comprehensive Exercise:

  • Full-Day Exercise: Complete data center loss simulation in November
  • End-to-End Testing: Full server recovery, DNS failover, customer communication
  • Executive Reporting: Comprehensive report on disaster recovery readiness

Backup Isolation

Robust isolation protects backup data from production issues:

  • Geographic Separation: Backups stored in physically separate countries from production
  • Independent Infrastructure: Separate servers, network connections, and access controls
  • CTO-Only Access: Backup data access limited exclusively to the CTO
  • Independent Encryption: Backups encrypted separately with distinct encryption keys
  • Immutable History: The 7-day retention window preserves backups taken before any production corruption, so a clean copy remains available for restoration

Monitoring & Incident Response

Audit Logs

Comprehensive audit logs for security monitoring:

  • Request Logging: All web requests logged with timestamp, IP address, and user information
  • User Activity Tracking: Authentication and actions logged
  • Error Logging: Application errors captured with full stack traces
  • Celery Task Logging: Background job execution logged separately
  • 50-Day Retention: Daily log rotation with 50-day retention period
  • Backup Server Replication: Logs copied to dedicated backup server for integrity protection

Incident Response Policy

Comprehensive incident response policy for cybersecurity incidents:

Incident Response Process:

  1. Detection: Identifying potential incidents through monitoring and alerts
  2. Containment: Isolating affected systems to prevent spread
  3. Eradication: Removing the threat and addressing root cause
  4. Recovery: Restoring systems to normal operations
  5. Lessons Learned: Analyzing incident to identify improvements

  • CTO Leadership: Chief Technology Officer leads all incident response activities
  • Immediate Escalation: Security incidents escalated immediately for rapid response
  • Severity Levels: Incidents categorized by severity for appropriate response
  • 24/7 Availability: Incident response capabilities maintained around the clock

Incident Reviews

Structured incident review process for continuous improvement:

  • Universal Review: All security and operational incidents undergo formal review
  • Within One Week: Reviews conducted within one week of incident resolution
  • CTO Leadership: Chief Technology Officer leads all incident review sessions
  • Complete Documentation: Timeline, root cause, impact, corrective actions, and lessons learned
  • Ticketing System: Corrective actions tracked through ticketing system to completion

Network Monitoring

Comprehensive network infrastructure monitoring (24/7):

  • Custom Monitoring Solutions: Purpose-built tools for our infrastructure
  • Monitored Metrics: System uptime, response times, traffic volume
  • Real-Time Alerts: Service unavailability, performance degradation, connection failures
  • Suspicious Activity Detection: Unusual traffic patterns, connection anomalies, failed connection attempts
  • CTO Response: Chief Technology Officer receives and responds to alerts

Infrastructure Security

Zero-Trust Architecture

Modern security architecture with no traditional VPN:

  • No Network-Based Trust: Security enforced at application and service level
  • Per-Connection Authentication: Every connection requires explicit authentication
  • SSH with Key-Based Authentication: Cryptographic key pairs for remote access
  • Granular Access Control: Per-resource access decisions with continuous verification
  • Stronger Security: No VPN infrastructure to maintain or protect from attacks

Vulnerability Scanning

Automated security scanning to identify vulnerabilities:

  • Nessus Vulnerability Scanner: Professional-grade scanning solution
  • Weekly Scanning: Automated scans execute weekly on all production servers
  • Comprehensive Coverage: All server infrastructure included in scanning
  • Ticketing Integration: Identified vulnerabilities tracked through ticketing system
  • Prioritization: Vulnerabilities assessed and prioritized by severity

Configuration Management

System configuration management and control:

  • Documented Procedures: Configurations managed through well-documented procedures
  • Version Control: All configuration documentation in Git with complete change history
  • Configuration Baselines: Standard configurations documented for different system types
  • CTO Approval: All configuration changes require CTO approval
  • Change Documentation: Modifications documented in version control

Firewall Protection

Firewall controls restrict public access:

  • Hardware Firewall: Enterprise-grade hardware firewall solutions
  • Limited Exposure: Only HTTPS (443), HTTP (80), and SSH (22) exposed publicly
  • All Other Ports Blocked: Significantly reduced attack surface
  • CTO Authorization: Firewall rule modifications require CTO approval
  • Version-Controlled Rules: Firewall rules documented in configuration system

Infrastructure Change Management

Comprehensive logging and review of infrastructure changes:

  • All Changes Logged: System logs capture all infrastructure modifications
  • 50-Day Retention: Infrastructure change logs retained for 50 days
  • Alert System: Specific changes trigger alerts for immediate visibility
  • CTO Review: Chief Technology Officer reviews infrastructure change logs
  • Ticket-Based Approval: All changes submitted through ticketing system with justification
  • Pre-Implementation Review: Security assessment before implementation

Deployment Procedures

Documented deployment procedures ensure consistency:

  • Version-Controlled Documentation: Deployment procedures in Git repositories
  • Step-by-Step Guidance: Clear procedures for infrastructure deployment
  • Repeatability: Consistent infrastructure deployment for new systems or disaster recovery
  • Testing Validation: Procedures validated through DR tests and deployments
  • AI-Assisted Updates: Procedures updated based on operational experience

Unauthorized Asset Management

Systematic process to identify and remove unauthorized assets:

  • Monthly Audits: Infrastructure assets audited monthly to identify unauthorized systems
  • Version Control Registry: Authorized assets documented in version control
  • Investigation Process: Unauthorized assets investigated for origin and security implications
  • CTO Oversight: Chief Technology Officer directly responsible for the process
  • Detection Tools: System-level tools and log analysis discover assets

Private Cloud Storage

Cloud storage security measures:

  • Private S3 Buckets: AWS S3 buckets configured as private by default
  • Application-Controlled Access: Files served through application, not direct public URLs
  • No File Overwriting: S3 configuration prevents accidental file overwrites

Email Security

Email Authentication (DMARC, SPF, DKIM)

Comprehensive email authentication to protect against spoofing and phishing:

SPF (Sender Policy Framework):

  • Authorized mail servers explicitly listed in DNS SPF records
  • Postmark and Mailgun properly authorized in SPF records

DKIM (DomainKeys Identified Mail):

  • All outbound emails digitally signed with DKIM
  • Message integrity verified - content hasn't been modified in transit

DMARC (Domain-based Message Authentication):

  • DMARC policy active in monitoring mode (p=none)
  • Aggregate and forensic reports actively monitored
  • Enables recipient mail servers to identify spoofed emails

Email Access Controls

Strict access controls for email administration:

  • Google Workspace: Corporate email system for employee communications
  • Mailgun: Dedicated transactional email service for system notifications
  • CTO-Only Admin Access: Email administrative access limited exclusively to the CTO
  • No User Delegation: Regular users cannot delegate or share mailbox access
  • Google Workspace Logs: All admin actions logged and can be reviewed

Endpoint Security

Anti-Malware Protection

Anti-malware protection across all endpoints:

  • Universal Deployment: Protection on all employee computers and servers
  • Operating System Security: Built-in OS protection (Windows Defender, macOS security features)
  • Real-Time Scanning: Continuous monitoring of files and applications
  • Automatic Updates: Malware definitions and signatures updated automatically
  • Threat Detection: Active scanning for viruses, malware, ransomware
  • Event Monitoring: Malware detection events actively monitored

Organizational Security

Acceptable Use Policy

Comprehensive Acceptable Use Policy for all users:

  • Policy Coverage: Password requirements, device usage, internet usage, data handling, prohibited activities
  • Onboarding Integration: Presented to all new employees during onboarding
  • Compliance Monitoring: Ad-hoc inspections to ensure policy adherence
  • Progressive Discipline: First warning, then termination for violations
  • Universal Application: Applies to employees, contractors, and third parties

Confidentiality Agreements

All employees and contractors sign confidentiality agreements:

  • Universal Requirement: Both employees and contractors must sign
  • Pre-Employment: Signed before individuals begin work
  • Electronic Storage: Stored securely in Google Workspace
  • Comprehensive Protection: Covers proprietary information, customer data, technical information
  • Long-Term Protection: Obligations continue after employment ends

Employee Onboarding & Offboarding

Onboarding Process:

  • Account Creation: User accounts created with appropriate access privileges
  • Equipment Provision: Required hardware allocated and configured
  • Training: Role-specific, system, and security awareness training
  • Policy Acknowledgment: Review and acknowledgment of policies and confidentiality agreements

Offboarding Process:

  • Access Revocation: All accounts and credentials disabled promptly
  • Asset Recovery: Company equipment collected and inventory updated
  • Final Compensation: Final pay processed according to policy
  • Knowledge Transfer: Critical knowledge transferred to remaining team members

Background Checks & Reference Verification

Thorough reference checks when hiring:

  • Previous Employer Contact: Calling previous employers to verify employment and performance
  • Background Checks: Background screening to verify candidate history
  • Education Verification: Confirming educational credentials and degrees
  • Pre-Employment Requirement: Checks completed before finalizing offers
  • Documentation: Reference check results documented and retained

Physical Access Controls

Physical facility protection in Estonia:

  • Location: Physical facilities located in Estonia
  • Locked Doors: Physical barriers prevent unauthorized entry
  • Badge System: Badge-based access control manages entry authorization
  • Restricted Access: Only authorized personnel can access facilities
  • Multiple Layers: Combination of locks and badges provides layered security

Data-Flow Diagrams

Current data-flow diagrams maintained:

  • Monthly Updates: Diagrams reviewed and updated monthly
  • System Coverage: Shows all data flows across systems and networks
  • Entry and Exit Points: Documents where data enters and leaves systems
  • Version Control: Updates tracked through version control with change documentation
  • Security Analysis: Supports understanding data movement for security assessments

Performance Evaluations

Regular performance evaluations for employees:

  • Annual Reviews: Performance evaluations conducted annually for all employees
  • Performance Assessment: Evaluating job performance against role expectations
  • Areas for Improvement: Identifying skill development opportunities
  • Recognition: Acknowledging exceptional contributions
  • Career Development: Supporting talent development and progression

Communication & Documentation

External Communications:

  • Public Documentation: Terms of Service, Privacy Policy, Service Description on supershotai.com
  • Customer Notifications: System changes communicated via email and in-app notifications

Internal Communications:

  • Multiple Channels: Chat platform for real-time updates, email for formal communications, meetings for complex changes
  • Change Coordination: All team members informed about system changes

Risk Management

Risk Assessments

Regular risk assessments identify and evaluate threats:

  • Annual Assessments: Comprehensive risk assessments performed annually
  • ISO 27001 Framework: Following internationally recognized information security standards
  • Comprehensive Scope: Evaluating threats, vulnerabilities, impacts, and likelihood
  • Risk Prioritization: Ranking risks by severity to focus resources appropriately
  • Mitigation Strategies: Developing risk treatment plans and security improvements

Risk Management Policy

Formal risk management policy framework:

  • ISO 27001 Alignment: Policy aligns with ISO 27001 standards
  • Ticketing System: Risks tracked and monitored through internal ticketing system
  • CTO as Risk Owner: Chief Technology Officer serves as primary risk owner
  • Risk Treatment Options: Risks may be mitigated, accepted, transferred, or avoided
  • Implementation Tracking: Mitigation activities tracked from identification through resolution

Vendor Inventory

Comprehensive inventory of all vendors:

  • Complete Coverage: All vendors and third-party service providers documented
  • Essential Details: Vendor name, services provided, contract details, access level
  • Risk Classification: Vendor risk assessed based on access and criticality
  • Current Information: Inventory maintained with up-to-date vendor information

Vendor Management Program

Structured vendor management with security assessments:

  • Annual Reviews: Vendors reviewed annually for security compliance
  • Security Assessments: Vendors undergo assessments to evaluate security posture
  • Due Diligence: Verify vendors meet Supershot's security and compliance standards
  • Risk-Based Approach: Vendor oversight proportional to risk level
  • Lifecycle Management: Pre-engagement assessment, ongoing monitoring, and offboarding

Vulnerability Management

Patch Management

Comprehensive patch management ensures timely updates:

  • Critical Patches: Deployed within 24 hours of availability
  • Routine Patches: Non-critical patches follow monthly deployment schedule
  • Hybrid Strategy: Combination of automated and manual update processes
  • Priority-Based Deployment: Severity, exposure, and business criticality determine priority
  • Testing and Validation: Pre-deployment testing with rollback capability

Penetration Testing

Regular penetration testing by external security experts:

  • Semi-Annual Testing: Penetration tests performed twice per year
  • External Security Firm: Performed by qualified external security vendors
  • Recent Testing: Most recent test conducted in 2025
  • Real-World Simulation: Tests simulate actual attack scenarios
  • Findings Management: Vulnerabilities tracked through ticketing system until resolved

Vulnerability Scanning

Multi-layered vulnerability scanning program:

  • Nessus Scanner: Professional-grade weekly scanning of all production servers
  • Code Security Scanning: Bandit security scanner for Python application code
  • Automated Execution: Scans run automatically without manual intervention
  • Finding Categorization: Results organized by severity for prioritization
  • Ticketing Integration: Vulnerabilities tracked through ticketing system

Vulnerability Management Policy

Formal vulnerability management policy with employee acknowledgment:

  • Documented Policy: Comprehensive policy guides vulnerability lifecycle
  • Remediation SLAs: Severity-based timelines for vulnerability remediation
  • Employee Acknowledgment: All employees acknowledge policy during onboarding
  • Clear Procedures: Identification, assessment, remediation, and exception handling
  • Comprehensive Implementation: Weekly scanning, semi-annual pentesting, 24-hour critical patching

Development Security

Secure Development Lifecycle

Comprehensive development security practices:

  • Version Control: All code managed in Git repositories
  • Code Review: Changes go through review processes before merging
  • Testing: Comprehensive test suite with unit tests
  • Bandit Security Scanner: Automated vulnerability scanning for Python code
  • Code Linting: Pylint checks for code quality and potential issues
  • Type Checking: Pyre type checker prevents type-related bugs

Questions About Our Security?

If you have questions about our security practices or would like additional information, please contact our security team.
