Trust & security

Designed to protect
the most intimate moments.

Privacy is not a feature we bolted on. It is the architecture. Every decision in how Ki Shadi is built begins with the same question: what happens if this goes wrong?

Last reviewed: May 2026

Access control

There are no public URLs in Ki Shadi. Every point of access — for guests, for the couple, for vendors — is protected by a signed JSON Web Token bound to a specific identity.

  • Each invitation link is single-use and non-transferable
  • Tokens are bound to the recipient's IP address range at time of issuance
  • Forwarding a link to another device or browser causes immediate, silent rejection
  • The couple can revoke any individual token at any time from the admin panel
  • Photographer tokens are scoped to upload-only — they cannot access the guest gallery

Encryption

All data in Ki Shadi is encrypted in transit and at rest. We use a per-event key hierarchy so that the compromise of one event's keys does not affect any other.

In transit

  • All connections are TLS 1.3 with HSTS enforced
  • Certificate pinning is applied to all first-party API calls
  • Livestream video is delivered over encrypted HLS with signed segment URLs

At rest

  • Media files are encrypted with AES-256 using per-event keys stored in Azure Key Vault
  • Database fields containing personal data are encrypted at the column level
  • Stripe handles all payment data — card numbers never touch our servers

Key destruction

When the Burn Sequence runs, the per-event encryption keys are destroyed before the underlying data is deleted. Even if data residue remained on a storage medium, it would be computationally unrecoverable.

Infrastructure

Ki Shadi runs on Microsoft Azure, with primary regions in UK South and South Asia. We chose Azure for its compliance posture across the jurisdictions our couples live in, including ISO 27001, SOC 2 Type II, and GDPR adequacy.

  • Compute: Azure App Service with autoscaling
  • Media storage: Azure Blob Storage with geo-redundancy disabled by design (data stays in the couple's region)
  • Edge delivery: Azure Front Door for global latency reduction
  • Secrets: Azure Key Vault with HSM-backed keys
  • Monitoring: Azure Monitor with anomaly alerts

Penetration testing & audits

Ki Shadi undergoes annual penetration testing by an independent third party. We also run automated vulnerability scanning on every deployment. Results are reviewed by our engineering team and critical findings are remediated within 24 hours.

Summaries of our most recent security assessment are available to enterprise customers and press on request at security@ki-shadi.com.

Responsible disclosure

If you discover a security vulnerability in Ki Shadi, please report it to security@ki-shadi.com. We will acknowledge your report within 24 hours and work with you to understand and address the issue before any public disclosure.

We do not pursue legal action against researchers who act in good faith. We do not offer a bug bounty programme at this time, but we will acknowledge your contribution publicly if you wish.