Security

Data Handling

GXO Feeds processes and stores product data on behalf of brands. We treat all data with the highest level of security and privacy:

• •All data is encrypted in transit (TLS 1.3) and at rest (AES-256)
• •Product feeds are stored in secure, access-controlled storage buckets
• •We do not collect or store personally identifiable information (PII)
• •Access logs are retained for 90 days for security monitoring

Infrastructure Security

Our infrastructure is built on industry-leading cloud platforms with multiple layers of security:

• •Hosted on Vercel with automatic DDoS protection
• •CDN-backed feed delivery with edge caching
• •Rate limiting and abuse prevention on all endpoints
• •Regular security audits and penetration testing

Brand Verification

We verify brand ownership through domain validation to prevent impersonation and ensure feed authenticity:

• •DNS-based domain verification for brand claims
• •Verified badges for authenticated brands
• •Regular re-verification of brand ownership

Responsible Disclosure

If you discover a security vulnerability, please report it to us immediately:

We take all security reports seriously and will respond within 24 hours. Please do not publicly disclose vulnerabilities until we've had a chance to address them.

Compliance

GXO Feeds is committed to maintaining compliance with relevant data protection regulations including GDPR and CCPA. For more information, see our Privacy Policy.