Security at Lark
Your bookmarks contain a map of your interests, research, and digital life. We take the responsibility of protecting that data seriously.
Our Approach
Security isn't an afterthought. It's built into everything we do.
We've designed Lark from the ground up with security as a core principle. From encryption to access controls, every decision we make considers the security implications.
Our team follows industry best practices and regularly reviews our security posture. We believe transparency builds trust, which is why we share our approach openly.
How we protect your data
Encryption in transit
All data transmitted between your browser and our servers is encrypted using TLS 1.3. We enforce HTTPS across all connections with no exceptions.
Encryption at rest
Your bookmarks and personal data are encrypted at rest using AES-256 encryption. Database backups are also encrypted and stored securely.
Secure authentication
Passwords are hashed using bcrypt with unique salts. We support two-factor authentication (2FA) for an additional layer of account security.
SOC 2 Type II
We maintain SOC 2 Type II compliance, which means our security controls are independently audited and verified on an ongoing basis.
Cloud infrastructure
Lark runs on industry-leading cloud infrastructure with built-in security controls, automated patching, and network isolation.
Regular audits
We conduct regular security assessments and penetration testing. Identified vulnerabilities are addressed promptly according to severity.
Privacy by design
Your data belongs to you
We don't sell your data or use it for advertising. Your bookmarks are yours alone. Export everything anytime in standard formats.
Minimal data collection
We only collect what's necessary to provide the service. No tracking pixels, no third-party analytics that compromise your privacy.
GDPR compliant
We comply with GDPR and respect your right to access, correct, and delete your personal data. Data processing is transparent and lawful.
No browsing history
We only store the bookmarks you explicitly save. We don't track your browsing history or monitor your online activity.
Infrastructure
Built on a foundation of security.
Our infrastructure is hosted in SOC 2 certified data centers with 24/7 physical security, biometric access controls, and redundant power systems.
We use containerized deployments with automated security scanning, dependency monitoring, and continuous vulnerability assessment.
Network traffic is isolated using virtual private clouds with strict firewall rules. Internal services communicate over encrypted channels.
Security researchers welcome
Found a vulnerability? We appreciate responsible disclosure and work with security researchers to address issues quickly. Report security concerns to our security team.
Questions about security?
Our team is happy to answer questions about our security practices and provide additional documentation upon request.