Security

Infrastructure

18ways runs on managed cloud infrastructure with network isolation, service-level access controls, and monitoring designed to maintain availability and integrity.

Production systems are separated from development environments and access is restricted to authorised personnel.

Data Encryption

All data is encrypted in transit using TLS.

Data at rest is protected using encryption and security controls provided by our managed infrastructure providers.

Data Processing Model

18ways processes customer content to deliver localisation functionality and account services.

Customers retain ownership of their content. Processing occurs only to operate the service and under the terms agreed with the customer.

Access Controls

Access to production systems is limited to authorised personnel and protected using strong authentication.

Access is granted on a least-privilege basis and reviewed periodically.

Logging and Monitoring

Systems are monitored for operational health, security events, and service availability. Logs are retained to support incident investigation and operational debugging.

Subprocessors

18ways relies on a small number of trusted service providers for infrastructure, authentication, analytics, email delivery, and payment processing.

These providers are selected based on reliability, security practices, and compliance posture.

Responsible Disclosure

If you believe you have discovered a security vulnerability, please report it privately with reproduction details so we can investigate and remediate the issue.

We appreciate responsible disclosure and will acknowledge reports promptly.

Security Contact

Security reports can be sent to security@18ways.com.