Security Overview

Security is a core priority for Zero. The platform handles sensitive information including firearms data, personal certificates, and financial records, so we apply rigorous security measures at every level.

Our approach

• Mandatory multi-factor authentication — Every user must enable MFA. There are no exceptions to this requirement.
• Row-level security — Database access is enforced at the row level, ensuring users can only access their own data.
• Encryption at rest and in transit — All data is encrypted using industry-standard protocols, both when stored and when transmitted between your device and our servers.
• UK GDPR compliance — We comply with the UK General Data Protection Regulation. You have full rights to access, export, and delete your data.
• Error monitoring with redaction — We use Sentry for crash reporting and error monitoring. Sensitive data is automatically redacted before any error report leaves your device.
• On-device OCR — Certificate scanning and text recognition runs entirely on your device. Images of your certificates are never sent to external servers for processing.

Learn more

• Multi-Factor Authentication
• Password Requirements
• Data Protection & GDPR
• Third-Party Services