Security
Protecting your data and keeping your estimation sessions private is a core priority for Team Poker.
Encryption in Transit
All communication between your browser and our servers is encrypted using TLS (HTTPS). This includes page loads, API requests, and real-time WebSocket connections during estimation sessions. Your votes and session data are never transmitted in plain text.
Authentication & Access Control
Passwords are hashed using bcrypt and are never stored in plain text. Authentication tokens are securely managed and scoped to your session. Game sessions are protected by unique invite codes, ensuring only authorised participants can join.
Infrastructure
Our application is hosted on modern cloud infrastructure with automated backups, network isolation, and regular security updates. Database access is restricted and not exposed to the public internet.
Data Privacy
We collect only the minimum data necessary to provide the service. Estimation data belongs to your team. We do not sell, share, or use your data for advertising purposes. For full details, see our Privacy Policy.
Session Privacy
Votes are hidden until the Scrum Master reveals them, preventing anchoring bias. Real-time updates are delivered over authenticated WebSocket channels, so only participants in a session can see its activity.
Responsible Disclosure
If you discover a security vulnerability, we appreciate your help in disclosing it responsibly. Please email us at security@teampoker.app with details and we will respond promptly.
Security Questions?
If you have questions about our security practices or need to report an issue, reach out at security@teampoker.app or visit our support page.