Back to Home
Our Commitment to Your Security
How we protect your information on the xMonks Referral Platform.

Last Updated: June 5, 2025

At xMonks, the security of your data and the trust you place in us are paramount. We are committed to employing robust security measures to protect your personal and financial information. This page outlines some of the key practices we follow.

1. Secure Login & Account Protection

We utilize Firebase Authentication, a secure identity platform by Google, to manage user accounts. This means:

  • Your password is not stored in plaintext; it is securely hashed.
  • Secure mechanisms for password resets are provided.
  • Industry-standard protocols protect your login process.

2. Data Encryption

  • In Transit: All data transmitted between your browser and our servers is encrypted using HTTPS (Hypertext Transfer Protocol Secure), ensuring it cannot be easily intercepted.
  • At Rest: Information stored in our database (Firebase Firestore), including your profile and banking details, is encrypted at rest by Google Cloud's underlying storage services.

3. Protecting Your Sensitive Information

  • Banking Details: Your banking information is handled with special care. It is used solely for processing referral payouts. When displayed within the platform (e.g., on the Banking Details page in read-only mode), sensitive parts are masked to prevent accidental exposure.
  • Personally Identifiable Information (PII): We limit the collection of PII to what is necessary for the platform's operation and handle it in accordance with our Privacy Policy.

4. Database Security

We leverage Firebase Firestore, which includes a powerful security rules system. These rules are configured to ensure that users can only access and modify their own data, and administrators have appropriately defined permissions. This helps prevent unauthorized access to your information within the database.

5. Secure Platform Development

  • Our platform is built on modern and secure technologies, including Next.js and React.
  • We employ input validation (e.g., for forms) to protect against malformed data and common web vulnerabilities.
  • We strive to follow secure coding practices and keep our platform dependencies updated to address known vulnerabilities.

6. Your Role in Security

While we implement robust security measures, your vigilance is also important:

  • Use a strong, unique password for your account.
  • Be cautious of phishing attempts and do not share your login credentials.
  • Ensure your device and browser are updated with the latest security patches.

7. Contact Us

If you have any security concerns or questions, or if you believe you have found a security vulnerability, please contact us immediately at security@xmonks.com (or support@xmonks.com if a dedicated security email is not yet set up).