Security overview

This overview summarizes how we approach security for Pinnacle AdForge, operated by Pinnacle MAV Media LLC. It is not an audit report, certification, or guarantee of uninterrupted or error-free service; customers remain responsible for their own security configurations, access policies, and compliance programs.

1. Architecture

The application is deployed on managed cloud infrastructure with network isolation, least privilege for production access, and separation between environments where practicable.

2. Encryption & transport

Traffic between users and the Service is encrypted with modern TLS. Connections to core data services use provider-supported encryption in transit.

3. Authentication & access

We use industry-standard authentication (including OAuth providers where you enable them), session management, and role-based access inside organizations. We recommend SSO, strong passwords, and MFA where available.

4. Data storage

Customer Content and database records are stored with our database and storage providers under access-controlled accounts. Backups and retention follow provider capabilities and our operational policies.

5. Vendor management

We assess subprocessors for security and privacy practices appropriate to the data they handle. See Subprocessors.

6. Incident response

We maintain procedures to detect, contain, and remediate security incidents. Customers with a DPA receive breach notifications as described there when applicable.

7. Report a vulnerability

If you believe you have found a security vulnerability in Pinnacle AdForge, email technical@thepinnacle.media with reproduction steps. Please avoid public disclosure until we have had a reasonable time to investigate. We do not operate a public bug bounty program unless separately published.

8. Mailing address

Pinnacle MAV Media LLC — Pinnacle AdForge