We take security seriously. Here's how we protect your account and data.
Last updated: December 24, 2025🔒 Security Highlights
All data encrypted in transit with TLS/HTTPS
Authentication powered by Supabase Auth
No permanent storage of prompts or AI outputs
Payment processing by Lemon Squeezy (PCI compliant)
Regular security audits and monitoring
All communication with Omnimix is encrypted using TLS 1.3 (HTTPS). This means your prompts, API responses, and login credentials are protected in transit. We also use secure, encrypted cookies for authentication.
User authentication is handled by Supabase Auth, a battle-tested authentication service used by thousands of applications. Supabase handles:
• Secure password hashing (bcrypt)
• Session management with secure tokens
• Protection against brute force attacks
• Email verification and password reset flows
We minimize data collection and retention:
Account Data
Your email and subscription status are stored securely in our database hosted on Supabase.
Prompts & Outputs
We do not permanently store the content of your prompts or AI-generated responses. They are processed in real-time and not retained.
Payments
Payment information is handled by Lemon Squeezy, a PCI-compliant payment processor. We never store your credit card details.
Omnimix is hosted on Vercel, a leading serverless platform with built-in DDoS protection, automatic HTTPS, and global edge network. Our database is hosted on Supabase with Row Level Security (RLS) policies ensuring users can only access their own data.
If you discover a security vulnerability in Omnimix, please report it responsibly. We appreciate security researchers who help us keep our users safe.
How to report: Contact us through our Contact page with details of the vulnerability. Please allow us reasonable time to fix the issue before public disclosure.
Report Security Issue