Sandbar is a static site hosting platform that stores and serves your deployed content via Google Cloud Storage and Cloud CDN. Because we host your websites and serve them to the public, security and content integrity are foundational to every architectural decision we make.
This page describes how we protect your content and infrastructure, what guarantees we provide, and how you can verify our practices.
Encryption
In Transit
All communications between your application, the Sandbar API, and the CDN use TLS 1.3. We do not support older TLS versions. All sites served via Sandbar automatically receive SSL/TLS certificates — there is no option to serve content over unencrypted HTTP.
At Rest
All deployed files, account data, and metadata are encrypted at rest using Google Cloud Platform’s default encryption (AES-256). Deploy files stored in Google Cloud Storage are encrypted transparently by the storage layer.
Content Security
Content Safety Scanning
Sandbar scans deployed content at deploy time for prohibited material, including:
- Child sexual abuse material (CSAM): Detected content is quarantined immediately, the deploy is blocked, and the incident is reported to the National Center for Missing and Exploited Children (NCMEC) and law enforcement as required by law.
- Malware: Deployed files are scanned for known malware signatures and malicious code patterns. Deploys containing malware are blocked.
- Phishing: Content is analyzed for phishing indicators, including credential harvesting forms, brand impersonation, and deceptive login pages. Detected phishing content is quarantined and the account holder is notified.
Content safety scanning is automated and occurs before content is made publicly available via CDN.
Content-Addressed Storage
Deploy files are stored using content-addressed deduplication. Each file is identified by a cryptographic hash of its contents, which provides built-in integrity verification. Any corruption of, or tampering with, stored files is detectable because the content hash will no longer match.
Deploy Integrity
Each deploy is an immutable snapshot of files. Once a deploy is finalized, its contents cannot be modified — only replaced by a new deploy. This immutability ensures that the content served to visitors matches exactly what was uploaded.
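The following sketch is an added illustration, not Sandbar's code: it shows how content-addressed storage and a frozen deploy manifest together make deduplication and tamper detection fall out of the hashing scheme. The use of SHA-256, the `ContentStore` class, the manifest format and the sample files are all assumptions; the page does not specify them.

```python
import hashlib
import json

def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

class ContentStore:
    """Toy content-addressed store (assumes SHA-256; the page names no hash)."""
    def __init__(self):
        self.blobs = {}

    def put(self, data: bytes) -> str:
        digest = sha256_hex(data)
        self.blobs.setdefault(digest, data)  # identical content is stored once
        return digest

    def get(self, digest: str) -> bytes:
        data = self.blobs[digest]
        if sha256_hex(data) != digest:  # re-hash on read to detect changed bytes
            raise ValueError(f"integrity failure for blob {digest[:12]}")
        return data

def manifest_id(manifest) -> str:
    """Hash a canonical encoding of the (path, digest) pairs."""
    return sha256_hex(json.dumps(manifest, separators=(",", ":")).encode())

def finalize_deploy(store, files):
    """Store every file; return the frozen manifest and the deploy ID derived from it."""
    manifest = tuple(sorted((path, store.put(data)) for path, data in files.items()))
    return manifest, manifest_id(manifest)

def verify_deploy(store, manifest, deploy_id):
    """Return a list of problems; an empty list means the deploy is intact."""
    problems = []
    if manifest_id(manifest) != deploy_id:
        problems.append("manifest does not match deploy ID")
    for path, digest in manifest:
        try:
            store.get(digest)
        except (KeyError, ValueError):  # blob missing, or bytes no longer match
            problems.append(path)
    return problems

# Constructed sample deploy: two paths share identical bytes, so one blob is stored.
SAMPLE_FILES = {
    "index.html": b"<h1>hello</h1>", "about.html": b"<h1>about</h1>",
    "img/logo.svg": b"<svg/>", "assets/logo.svg": b"<svg/>",
}
```

Because the deploy ID is derived from the manifest, changing any path-to-hash mapping yields a different ID, which is why a finalized deploy can only be replaced, not edited.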
Access Isolation
Workspace Isolation
Each workspace’s sites, deploys, domains, and configuration are logically isolated at the application and database levels. One workspace cannot access another workspace’s data, deploys, or configuration. API authentication and authorization enforce workspace boundaries on every request.
CDN Isolation
Each site is served from its own CDN configuration and storage path. There is no shared serving infrastructure between sites belonging to different workspaces. Custom domain routing ensures that each domain maps to exactly one site.
Infrastructure
Deployment
Sandbar runs on Google Cloud Platform with automated deployments, rolling updates, and instant rollback capabilities. Infrastructure is provisioned through infrastructure-as-code with full audit trails. All infrastructure changes require peer review and are logged immutably.
Network Security
The Sandbar API and console are protected by Google Cloud’s network security infrastructure, including DDoS protection at the network edge. Access to internal systems is restricted through firewall rules and security groups. Database access requires authenticated connections over private networks.
CDN Security
Content is served via Google Cloud CDN, which provides:
- DDoS mitigation at the edge, absorbing volumetric attacks before they reach origin infrastructure
- Edge caching that reduces load on origin storage and improves resilience
- Automatic SSL/TLS for all served content, including custom domains
- Geographic distribution across Google’s global edge network for low-latency content delivery
Secrets Management
Infrastructure secrets, including database credentials, API keys, and internal service tokens, are managed through a dedicated secrets manager with automatic rotation. Secrets are injected at runtime and never stored in source code, configuration files, or container images.
Monitoring and Incident Response
We maintain 24/7 automated monitoring for anomalous access patterns, unusual deploy activity, and potential security incidents. Our incident response process includes immediate content quarantine capabilities and customer notification within 24 hours of confirmed incidents.
Penetration Testing
We conduct regular third-party penetration testing of the Sandbar API surface and infrastructure. Findings are remediated according to severity: critical and high findings are addressed within 48 hours; medium findings within 30 days.
Compliance
SOC 2 Type II
We are pursuing SOC 2 Type II certification, with a target date of 12 months after general availability (GA + 12 months). The audit will cover the Security, Availability, and Confidentiality trust service criteria. Once certified, we will make our SOC 2 report available to Enterprise customers under NDA upon request.
GDPR
Sandbar supports GDPR compliance through:
- Right to erasure: Sites, deploys, and account data can be deleted through the API or console at any time. Deletion is permanent and irreversible.
- Data export: Deploy files and site configuration can be exported at any time.
- Data processing agreement: Available for customers who require a DPA for their compliance documentation.
Domain Security
Domain Verification
Custom domains attached to Sandbar sites undergo verification to confirm ownership. This prevents domain hijacking and ensures that only authorized account holders can serve content on a given domain.
Automatic SSL/TLS
All custom domains receive automatically provisioned and renewed SSL/TLS certificates. Certificate provisioning occurs upon domain verification, and renewal is handled transparently with no action required from the account holder.
Audit Logging
All security-relevant events are captured in audit logs, including:
- Deploy creation and publication
- Site creation, modification, and deletion
- Domain attachment and verification
- API key creation and revocation
- Team member access changes
- Console login events
Audit log retention varies by plan tier (7 days for Free, 30 days for Pro, 90 days for Scale, configurable for Enterprise). Audit logs are available through the console and API.
Responsible Disclosure
If you discover a security vulnerability in Sandbar, please report it to security@sandbar.cloud. We ask that you:
- Provide sufficient detail for us to reproduce the issue
- Allow reasonable time for us to address the vulnerability before public disclosure
- Do not access or modify data belonging to other customers
We commit to acknowledging reports within 24 hours and providing an initial assessment within 72 hours. We do not pursue legal action against researchers who follow responsible disclosure practices.