Security at BedHub.

All connections to BedHub are encrypted using HTTPS (TLS/SSL), ensuring that data transmitted between your browser and our servers remains secure and private.

Passwords are never stored in plain text. We use industry-standard hashing to securely store all user passwords. Even in the unlikely event of a data breach, your password cannot be reverse-engineered from its hash.

We enforce a minimum password length to help protect your account, and we encourage you to choose a strong, unique password that mixes uppercase and lowercase letters, numbers, and special characters.

Sessions are managed securely with automatic expiration after periods of inactivity. You can log out from any device at any time through your account settings.

All payment processing on BedHub is handled by Stripe, a PCI DSS Level 1 certified payment provider — the highest level of certification available in the payments industry.

We never store your credit card numbers on our servers. All sensitive payment data is handled directly by Stripe's secure infrastructure. Your financial information never touches our systems.

User data is stored in managed databases with server-side security measures in place, including:

• Restricted database access with strong authentication
• Regular automated backups
• Server-level firewall protection
• Parameterized queries to prevent SQL injection attacks

BedHub implements role-based access controls to ensure that users can only access the data and features appropriate to their role:

• Operators can manage only their own Listings and data
• Caregivers can manage only their own profiles
• Family Members can manage only their own Saved Homes and preferences
• Administrators have elevated access with full audit trails to track all administrative actions

We take security seriously and welcome responsible disclosure of any vulnerabilities. If you discover a security issue, please contact us immediately at [email protected].

Please provide as much detail as possible, including steps to reproduce the issue. We will investigate all reports promptly and work to resolve any confirmed vulnerabilities as quickly as possible.

BedHub integrates with a small number of third-party services, each of which maintains its own security practices:

• Mapping services — used for displaying care home locations and enabling map-based search.
• Stripe — used for all payment processing. Stripe is PCI DSS Level 1 certified and maintains rigorous security controls.

We carefully vet all third-party integrations and only partner with services that meet high security standards.