The security of your data and our products is a priority for WorksheetJs. This page describes how we approach security across our packages and website.
01 — Package Security
Our packages and your data
All @worksheet-js/* packages run entirely within your own application. They do not transmit spreadsheet content, cell data, or any user information to our servers or any third party. Your data stays in your application.
02 — Website Security
How we secure worksheetjs.com
We follow industry best practices to keep the website and dashboard secure. All data in transit is encrypted. Access to user accounts and sensitive data is protected and restricted to authorized systems only. We regularly review our platform for potential vulnerabilities.
03 — Protecting Your Data
What we protect and how
- Account credentials are stored securely and never accessible in plain text
- Payment information is handled entirely by Stripe and never stored by us
- License data is stored securely and accessible only through authenticated requests
- Spreadsheet data created with our packages is never collected or transmitted to us
04 — Responsible Disclosure
Reporting a security issue
If you discover a security vulnerability in our products or website, please report it to us privately before making it public. We commit to:
- Acknowledging your report within 2 business days
- Keeping you informed of our progress
- Not taking legal action against good-faith security researchers
05 — Contact
Report a security issue
Email security reports to support@worksheetjs.com with "Security Report" in the subject line.