Trust Center

Security is at the core of Linked. We carefully select vendors with industry-standard certifications and employ multi-layered protection strategies to safeguard your data and privacy.

Last updated: March 16, 2026

Infrastructure Vendors

These are the core vendors powering the Linked platform and their security certifications.

Supabase

Database · Auth · Storage

All user data is stored in Supabase-managed PostgreSQL databases with Row Level Security (RLS) policies, ensuring users can only access data they are authorized to view.

SOC 2 Type IIHIPAA

Vercel

Hosting · Edge Network · Bot Protection

Our application is deployed on Vercel's global edge network, providing low-latency access worldwide with automatic DDoS mitigation and enterprise-grade infrastructure.

SOC 2 Type IIGDPR

GitHub

Source Code · CI/CD

Source code is managed through GitHub with branch protection, code review requirements, and automated security scanning via Dependabot.

SOC 2 Type IISOC 3ISO 27001

Cloudflare

CDN · DDoS Protection · WAF

Cloudflare provides our content delivery network, web application firewall, and advanced DDoS protection across all network layers.

SOC 2 Type IIISO 27001PCI DSS

Intelligent Firewall

BotID by Vercel

Next-generation bot detection

Linked uses Vercel's BotID technology instead of traditional CAPTCHA verification. BotID analyzes browser fingerprints, behavioral patterns, and request characteristics to identify automated bot traffic — without requiring any manual verification from users.

Precise Bot Filtering

Multi-signal analysis to accurately distinguish real users from malicious bots

Zero-Friction UX

Real users never need to solve CAPTCHAs, identify images, or complete extra steps

Edge Execution

Detection runs on Vercel's edge network with ultra-low latency, no impact on page load

API-Level Protection

Critical API endpoints are BotID-protected — malicious requests are blocked before reaching business logic

BotID vs Traditional CAPTCHA

User Experience

InvisiblevsManual verification

Detection Accuracy

Very HighvsModerate

Latency Impact

Near zerovs+3-10 seconds

Accessibility

Friendly to allvsDifficult for some

Security Practices

Encryption in Transit & at Rest

All data is encrypted via TLS 1.3 during transmission and AES-256 at rest. Database connections use SSL certificates.

Row Level Security

Every database table is protected by Supabase RLS policies. Users can only read and modify their own data — enforced at the database level, not just the application layer.

API Rate Limiting

All public API endpoints are protected by rate limiting to prevent abuse. Excessive requests are throttled automatically.

Data Anonymization

AI-PI assessment data is anonymized before being used for research purposes. Personal identifiers are stripped from analytical datasets.

PageSpeed Insights Audit Report

linked.living

March 16, 2026 06:07 · Desktop·Lighthouse 13.0.1

0–4950–8990–100

100

Performance

100

Accessibility

100

Best Practices

100

SEO

Core Metrics

FCP

0.3s

First Contentful Paint

LCP

0.4s

Largest Contentful Paint

TBT

10ms

Total Blocking Time

CLS

Cumulative Layout Shift

1.0s

Speed Index

Audit Highlights

CSP effectively mitigates XSS attacks

Strict HSTS policy enforced

Proper origin isolation via COOP

Clickjacking mitigated via XFO / CSP

DOM-based XSS mitigated via Trusted Types

All traffic served over HTTPS

No deprecated API usage

No third-party cookies

Zero browser errors in console

Valid structured data (JSON-LD)

Security Concerns?

If you discover a security vulnerability or have security-related questions, please contact our security team.

sol@ailora.pro