Back to Home

Security Policy

Our commitment to protecting your data and account information

1. Data Protection

We implement robust security measures to protect your information:

  • All sensitive data is encrypted in transit using TLS 1.2+
  • Account credentials are never stored in plain text
  • Regular security audits of our systems
  • Limited access to sensitive information

2. Information Collection

We collect only necessary information to provide our services:

  • Account details required for recovery assistance
  • Contact information for communication
  • Payment information processed securely through our providers
  • Service usage data for improvement

We never ask for or store your Roblox password.

3. Data Retention

Your information is retained only as long as necessary:

  • Case information is kept for 90 days after resolution
  • Payment records are kept as required by law
  • You may request deletion of your data at any time

4. Security Practices

Our security measures include:

  • Regular software updates and patching
  • Multi-factor authentication for staff access
  • Secure coding practices
  • DDoS protection and monitoring
  • Employee security training

5. Third-Party Services

We use trusted third-party services with strong security:

  • Payment processors with PCI DSS compliance
  • Secure hosting providers
  • Analytics services with anonymized data

We vet all third parties for security compliance.

6. Incident Response

In case of a security incident:

  • We will notify affected users within 72 hours
  • Immediate investigation and mitigation
  • Full transparency about the nature of the breach
  • Steps to protect affected accounts

7. User Responsibilities

To help maintain security:

  • Never share account credentials with anyone
  • Use strong, unique passwords
  • Enable two-factor authentication on your accounts
  • Report suspicious activity immediately

8. Vulnerability Reporting

We welcome responsible disclosure of vulnerabilities:

  • Report security issues to security@bloxup.com
  • Include detailed reproduction steps
  • Allow reasonable time for resolution
  • Do not exploit vulnerabilities or access user data

Note: We will acknowledge your report within 48 hours and may offer recognition for significant findings.

Last Updated: April 22, 2025

This policy may be updated periodically to reflect new security practices.