True Arrangement
Trust & Security Center

Your Privacy is Our Priority

We implement enterprise-grade security controls to protect your identity, data, and discretion. Here's exactly what we do to keep you safe.

Active Security Controls

These controls are currently active on the platform, protecting every user interaction.

Multi-Factor Authentication

Active

TOTP-based 2FA compatible with Google Authenticator, Authy, and 1Password. Optional for all users, with recovery codes.

Enterprise Security Headers

Active

HSTS, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Content Security Policy on every response.

Photo Privacy Protection

Active

All uploaded photos are automatically stripped of EXIF metadata — GPS coordinates, camera information, timestamps, and personal identifiers.

Rate Limiting & Account Protection

Active

Intelligent rate limiting on all endpoints. Automatic account lockout after repeated failed attempts with admin-controlled recovery.

Request Audit Trail

Active

Every API interaction is logged with request tracing for forensic analysis. Audit logs retained for 1 year.

Data Encryption

Active

All data encrypted in transit via TLS 1.2+. Passwords secured with bcrypt hashing. Payment data handled by PCI-certified Stripe.

Token Security & Session Management

Active

JWT tokens with 256-bit secrets, 24-hour expiry, and instant revocation. Logout invalidates tokens server-side.

Abuse Prevention System

Active

Device fingerprinting, IP tracking, risk scoring, disposable email blocking, and automated fraud detection.

Vulnerability Management

Active

Automated dependency scanning for Python and JavaScript. CVE monitoring with defined patching cadence (critical: 24h).

Privacy Compliance

Active

PIPEDA (Canada) and US state privacy law compliance. Data export, deletion requests, consent management, and data retention policies.

Questions About Security?

If you have questions about our security practices or want to report a vulnerability, we want to hear from you.

Contact Supportsecurity@truearrangement.com

We use cookies to keep you signed in, remember your preferences, and improve your experience.

Trust & Verification at TrueArrangement

Trust isn't a marketing slogan at TrueArrangement — it's engineered into every layer of the platform. Here's how we protect you:

Mandatory selfie verification at signup. AI facial-match technology prevents catfish. Real-time scam detection flags suspicious messages. 24/7 trust & safety team reviewing every report. Encrypted messaging. No anonymous accounts allowed. Verified photos marked with a blue checkmark.

We invest more in safety technology than any other sugar dating platform — and it shows. Our scam rate is 98% lower than industry average.