Security & Trust
Last Updated: May 17, 2026
Expedition Insure handles trip and identity data for travelers booking expensive, time-sensitive expeditions. Protecting that data is core to the product. This page summarizes our security program and how to reach our team.
Reporting a Vulnerability
Email security@expedition.insure. We acknowledge reports within two business days and aim for a substantive response within five. Please do not file public GitHub issues for security findings.
Our machine-readable disclosure file is at /.well-known/security.txt (RFC 9116). Full policy and safe-harbor language are in our SECURITY.md.
Security Posture
- Encryption in transit: TLS 1.2+ on all customer endpoints, HSTS enabled.
- Encryption at rest: Provided by our infrastructure providers (Cloudflare R2/KV, Convex, Stripe).
- Access control: SSO + MFA required for all production admin access. Least-privilege role assignments, reviewed quarterly.
- Secrets management: Production secrets stored in Bitwarden Secrets Manager and Cloudflare/Convex environment stores. No plaintext secrets in source.
- Change management: All production changes ship via reviewed pull requests with CODEOWNERS approval. CI runs CodeQL, Dependabot, and secret scanning on every PR.
- Logging: Cloudflare Workers and Convex emit structured logs to retained backends; access is restricted to engineering staff.
- Backups: Convex provides point-in-time recovery; Stripe data is the source of truth for payments.
Sub-Processors
We share data with the following sub-processors as needed to operate the service:
| Provider | Purpose | Region |
|---|---|---|
| Cloudflare | Edge hosting, DNS, KV, Workers, R2 | Global |
| Convex | Application database and backend functions | United States |
| Stripe | Payment processing and PCI scope | United States |
| Resend | Transactional email delivery | United States |
| Google (Workspace + OAuth) | Staff identity and email | United States |
| GitHub | Source control and CI/CD | United States |
Contact security@expedition.insure to subscribe to sub-processor change notifications.
Compliance
- SOC 2 Type II: Audit readiness program in progress (Security, Availability, Confidentiality TSCs). A report will be available under NDA on request once issued.
- PCI DSS: Card data is handled exclusively by Stripe; we are SAQ-A scoped (no cardholder data touches our infrastructure).
- Privacy: See our Privacy Policy for data subject rights and retention details.
Contact
Security issues: security@expedition.insure
General support: help@expedition.insure