Security & Compliance

Enterprise-grade link infrastructure

Protect sensitive campaign links with SSL enforcement, geo-blocking, and built-in GDPR/CCPA compliance tools. Built for teams where trust is non-negotiable.

See our certifications Talk to security

SSL/TLS Enforcement

Every HyperSnap link is served over TLS 1.3 by default. We enforce HSTS across all domains — including your custom branded URLs — so there is no fallback to unencrypted HTTP.

Always-on HTTPS

All hyperlinks redirect to HTTPS with a 301 permanent redirect. Browser HSTS preload lists are configured for every managed domain, preventing protocol downgrade attacks.

Custom Domain Certificates

Bring your own domain and HyperSnap provisions a valid TLS certificate automatically via Let's Encrypt integration. Certificates renew every 90 days with zero manual intervention.

TLS 1.3 Only

We disable TLS 1.0, 1.1, and 1.2 at the edge. Only TLS 1.3 is accepted, giving your teams the fastest handshake and the strongest cipher suites available today.

HyperSnap SSL certificate validation dashboard showing TLS 1.3 enforcement status across all managed domains

Geo-blocking Controls

Restrict access to your links by country, region, or IP range. Geo-blocking is applied at the edge — before the redirect fires — so visitors in restricted locations never reach your destination.

Use geo-blocking to comply with regional data laws, prevent fraudulent click-throughs, or limit campaign exposure to specific markets. Rules are evaluated in under 50ms and are logged in your audit trail.

Country-Level Blocking

Block or allow links for any of 195+ countries. Set a whitelist for EU-only campaigns or a blacklist to exclude specific regions. Rules apply per-link or globally across a workspace.

IP Range Restrictions

Define CIDR blocks to restrict access for internal testing links, staging URLs, or sensitive corporate resources. Combine IP rules with geo-blocking for layered defense.

Real-Time Rule Updates

Changes to geo-blocking rules propagate to all edge nodes in under 60 seconds. No cache flush or DNS propagation wait — your restrictions are enforced immediately.

Compliance & Certifications

HyperSnap is designed to help your organization meet GDPR, CCPA, and SOC 2 requirements. We provide the tools, data, and documentation your legal and security teams need.

GDPR Ready

We process click data within the EU for EU-hosted workspaces. Data Processing Agreements (DPAs) are available for all Enterprise plans. Right-to-be-forgotten requests are fulfilled within 30 days via API or support ticket.

CCPA Compliance

HyperSnap does not sell personal data. California residents can submit deletion and opt-out requests through your workspace settings. We maintain records of all consumer requests for audit purposes.

SOC 2 Type II

Our infrastructure has passed an independent SOC 2 Type II audit covering security, availability, and confidentiality. The latest report is available under NDA to Enterprise customers and their auditors.

Audit Logs & Retention

Every link creation, edit, deletion, and access rule change is logged with a timestamp, actor identity, and IP address. Audit logs are retained for 7 years and exported in CSV or JSON format.

For questions about data residency, subprocessor disclosures, or compliance documentation, contact our trust team at trust@hypersnap.io or open a support ticket from your workspace.

Request a SOC 2 report Download DPA template