Security

Last updated: June 1, 2026

We take protecting your information seriously. Here's how.

Enterprise-grade infrastructure

Wise Fit Gramma runs on enterprise cloud infrastructure independently audited and certified to international security standards including SOC 2 Type II, ISO 27001, ISO 27017, and ISO 27018. The same class of infrastructure trusted by major banks, healthcare providers, and governments.

Encryption

All data in transit between you and our site is protected with industry-standard TLS encryption (HTTPS). Data at rest is encrypted by our infrastructure provider using AES-256.

Credentials and secrets

API tokens, passwords, and access credentials never live in code or in plain configuration. They are stored in a dedicated, access-controlled secret manager and only released to authorized services at runtime.

Access controls

Strict identity and access management. Only authorized personnel can access systems holding personal data, and access is logged.

What we never do

• We never sell your data.
• We never store payment card information on our servers — payment processing is handled by PCI-DSS compliant payment partners.
• We never share personal data outside of the service providers required to operate the site.

Reporting a vulnerability

If you believe you've found a security issue, please email policy@wisefitgramma.com. We appreciate responsible disclosure.