Security affects everything we do at Bunnies of Las Vegas. We are SOC 2 Type 2 compliant and we:
- Force HTTPS on all connections, so data in-transit is encrypted with TLS.
- Encrypt all database data at-rest with AES-256.
- Our sites are distributedly hosted in data centers that are SOC 1, SOC 2 and ISO 27001 certified. Our partners servers are hosted in data centers that have round-the-clock security, fully redundant power systems, two-factor authentication and physical audit logs.
- Regularly conduct external penetration tests from third-party vendors (reports available for enterprise customers).
- Regularly conduct security awareness training sessions with all employees.
We run a bug bounty program to encourage responsible disclosure of security issues and to reward security researchers who take the time to help us keep Bunnies of Las Vegas safe. We've temporarly disabled our bug bounty program due to abuse. We may resume in the future.
The Only metadata concerning your usage that allows us to find and fix bugs or performance issues that are sent to third parties are:
Error Tracking Data Collected
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.0.3 Safari/605.1.15
Vue (Programming Language)
All IP addresses and other PII is obfuscated from any third party error and analytic tracking software we use.