Security
CORe, Inc., the company behind IrukaDark, recognizes the importance of the data entrusted to us by our customers and has implemented the following measures to protect it. We continuously review and improve our security practices.
Data Storage and Management
- Content you input through AI features such as translation and explanations is not stored in our databases. Only usage metrics (e.g. token counts) are recorded on the server side.
- Clipboard history, snippets, memos, scheduler settings, and other desktop app data are stored only on your device and are never sent to our servers.
- AI features are powered by APIs from Anthropic, Google, and OpenAI. All of these providers have confirmed that data sent through their APIs is not used to train their models. See each provider's data policy for details:
- Our employees do not view the content you enter or the results generated by the service.
Network Protection
- All communications are encrypted with HTTPS (TLS 1.2 or higher).
- A Web Application Firewall (WAF) is applied to block common attacks such as SQL injection and cross-site scripting.
- DDoS mitigation is active at all times across network and application layers.
- Bot and automated attack protection is enforced on login and registration endpoints.
Data Protection
- All stored data — databases, backups, and file storage — is encrypted at rest.
- Access to stored files is controlled through time-limited signed URLs; no permanent public links are issued.
- Passwords are hashed before storage and are never held in plain text.
- OAuth tokens are encrypted at the application level before being persisted.
Authentication Protection
- Rate limiting is enforced on authentication endpoints to prevent brute-force attacks.
- All active sessions are revoked when a password is reset.
- Sessions expire automatically after a defined period.
Payment Security
- All payment processing is handled by Stripe, which is PCI DSS Level 1 compliant.
- Credit card information never passes through or is stored on IrukaDark's servers.