Indie Aisle Security Overview

Keeping customer data safe and secure is a huge responsibility and a top priority for Indie Aisle. We work hard to protect our customers from the latest threats.

Access Control and Organizational Security

Everybody at Indie Aisle is trained and made aware of security concerns and best practices for their systems.

Personally Identifiable Information (PII)

Indie Aisle helps you produce your website and provides services for you to connect to. It does not send emails to your customers. This means we do not hold or process audience lists, or any data about your customers.

Data Location

We use A2 Hosting.Files that our customers upload are stored on servers that use modern techniques to remove bottlenecks and points of failure. Our software infrastructure is updated regularly with the latest security patches.

Encryption In Transit and At Rest

Over public networks we send data using strong encryption. We use SSL certificates issued by GeoTrust Inc, RapidSSL CA. The connection uses AES_128_CBC for encryption, with SHA2 for message authentication and ECDHE_RSA as the key exchange mechanism. You can check our currently supported ciphers here.


Our servers — from power supplies to the internet connection to the air purifying systems — operate at full redundancy. Our systems are engineered to stay up even if multiple servers fail.

Regularly-updated Infrastructure

Our software infrastructure is updated regularly with the latest security patches. Our products run on a dedicated network which is locked down with firewalls and carefully monitored.

Billing Information

All credit card transactions are processed using secure encryption—the same level of encryption used by leading banks. Card information is transmitted, stored, and processed securely on a PCI-Compliant network.

Law Enforcement

Indie Aisle won’t hand your data over to law enforcement unless a court order says we have to. We reject requests from local and federal law enforcement when they seek data without a court order. And unless we’re legally prevented from it, we’ll always inform you when we receive such requests.