Security

Perch is built to handle business call and messaging data responsibly. This page summarizes our security practices.

Infrastructure

• All web traffic is served over HTTPS (TLS).
• Phone and SMS are handled by Twilio, a PCI-compliant communications platform.
• Sign-in is protected with a password stored using salted one-way hashing (PBKDF2).
• Your dashboard and settings links use unique private tokens — keep those URLs confidential.

Data storage

Account data and call logs are stored in encrypted-at-rest cloud infrastructure. We minimize what we collect — only what's needed to operate missed-call text-back and your dashboard.

Access controls

Only authorized Perch operators can access production systems. We do not read your customer conversations except when required for support, debugging with your permission, or legal compliance.

Your account security

• Keep your setup/dashboard link private — anyone with the link can access your account.
• Use a strong, unique password for sign-in and a business email you control.
• Delete your account from Settings if you no longer use Perch.

Report a issue

Security concerns: [email protected]