Account-based access
Dataset access is tied to the signed-in buyer account so downloads stay traceable and supportable.
Institutional Trust
Security &
Compliance
This page explains how AEXO protects buyer access, handles payments, stores account records, and presents its compliance posture in a factual way.
Payment isolation
Paddle processes payments so card details are handled by the billing provider rather than stored in the app.
Controlled publishing
Products are reviewed before publication so the catalog reflects the fields, pricing, and download path buyers should expect.
Public-source transparency
The business emphasizes public and verifiable source material instead of opaque or unverifiable data claims.
Structured storage
Operational data is kept in Firebase-backed services to support the site, accounts, and purchase records.
Compliance review
Security statements are kept factual and modest so buyers can use them in procurement review without overclaiming certifications.
Operational Notes
What we can state with confidence
HTTPS only for site traffic
Payments handled by Paddle
Buyer access tied to an account
Public-source data with manual review
Technical Briefing
Security practices and review boundaries
AEXO keeps its security description grounded in what the product actually does: account-based delivery, controlled billing, public-source data, and a narrow retention footprint.
Request Security SummaryAccount and purchase control
Buyer access is tied to the authenticated account and can be reviewed through the dashboard.
Operational monitoring
The site and supporting APIs are monitored through standard platform and hosting tooling so issues can be detected quickly.
Reviewable statements
Any claim about encryption, certifications, or audits should be added only when it is verifiable and current.
Retention and deletion
Account and purchase records are kept only as long as needed to support service delivery and support requests.
FAQ
Security questions buyers often ask
Do you store payment card numbers?
No. Billing is handled by Paddle, which keeps payment credentials out of the application database.
How are downloads controlled?
Access is tied to the authenticated account, and product pages point to a specific download URL when the buyer is allowed to retrieve the file.
Is every compliance claim certified?
No. The page only describes controls and operational posture that are actually present. Any formal certification should be added only after it is completed.