Security

Videosays uses Supabase Auth for account authentication. Users should keep passwords, login sessions, and API keys confidential.

If you suspect unauthorized access, rotate your API key where available and contact us at wegofuture@126.com.

Traffic is served over HTTPS. Account, task, billing, and usage records are stored with access controls. Service secrets are stored in deployment environment secret managers where supported.

Payment card or wallet details are handled by payment providers such as Creem or local payment processors; Videosays does not store full card numbers.

API access requires authentication. We apply rate limits, credit checks, and operational controls to reduce abuse and protect service availability.

We may suspend access for scraping, overload, credential sharing, attempts to bypass limits, or other activity that threatens users or infrastructure.

If you discover a security issue, please email wegofuture@126.com with a clear description and reproduction steps. Please avoid accessing, modifying, or deleting data that does not belong to you.