Security Statement

At Pew Locker, we recognize that the data you entrust to us—details about your firearms, serial numbers, and location—is highly sensitive. We have built our platform with a “Privacy First” architecture, prioritizing data sovereignty and cryptographic isolation.

Our Security Measures

1. Authenticated Encryption – We do not store your Serial Numbers, Beneficiary Information, or Financial Values in plain text. Instead of traditional AES block ciphers, we utilize Sodium Authenticated Encryption. This modern, high-performance standard uses a 256-bit key to ensure military-grade confidentiality, but goes a step further by cryptographically guaranteeing data integrity. Unlike older standards that only hide data, our encryption detects if a record has been tampered with. If a malicious actor attempts to alter even a single bit of your encrypted data in the database, the decryption will immediately fail, preventing data corruption or manipulation. Crucially, the Master Encryption Key is isolated from the database, meaning that even if our database files were stolen, the data remains a useless stream of random noise without the separate server-level key.

2. Automated Digital Sanitization (GPS Scrubbing) – We understand that modern smartphones embed precise GPS coordinates (Geotags) into every photo they take. To protect the physical location of your safe, Pew Locker employs an automated Metadata Scrubber. The moment you upload a photo of a firearm or receipt, our system strips all EXIF data—removing GPS coordinates, timestamps, and device models—before the file is ever stored.

3. Server Hardening & Intrusion Defense – We utilize a Web Application Firewall (WAF) to screen incoming traffic for malicious patterns before they reach the application. Additionally, we enforce strict server-level execution policies that prevent any executable scripts from running within our storage directories, neutralizing potential malware uploads.

4. Secure File Storage – Images and documents are stored in restricted directories protected by rules that block direct public access. Files are only served via a secure proxy script that authenticates your session and decrypts the file stream in real-time before releasing it to your browser. Your tax stamps and receipts are never publicly accessible via a direct URL.

5. Data Isolation – Your inventory data is cryptographically tied to your specific User ID. Our system includes logic checks to prevent “Replay Attacks” or cross-user data leakage, ensuring that your data cannot be loaded or decrypted by another user session.

6. The “Burn Notice” – We provide a user-initiated “Kill Switch” that permanently wipes all data from our database, deletes your user account, and cancels billing immediately. This deletion is a hard-delete (irreversible) for users who need to eliminate their digital footprint instantly.

Limitation of Liability

While we employ industry-standard security measures, no online system is impenetrable. Pew Locker is provided “as is” and “as available.”

  • You acknowledge that you provide your information at your own risk.
  • We are not responsible for any theft, loss, or unauthorized access to your information resulting from compromised user passwords, malware on your device, or sophisticated cyber-attacks that bypass our security measures.
  • We strongly recommend using a strong, unique password and changing it regularly.