Security policy

We shall make sure that adequate safety measures are in place to prevent unauthorized access to personal data.

As few personal data as possible

To minimize the risks, personal information is saved as few as possible.

Payment details are not retained.

Secure SSL/TLS connection

All connections are SSL/TLS protected.

Stitch Fiddle achieves the highest score (A+) in the SSL report from Qualys SSL Labs.
Stitch Fiddle achieves an A score at Sophos.
Stitch Fiddle achieves an A+ score at Mozilla Observatory.
Stitch Fiddle achieves a 100% score at


Password are saved as a hash using a one-way hashing technique.

Each time a password is updated, a new unique salt is assigned.

When you change your password, you will automatically be logged out at other locations (when you logged in somewhere else as well).


All systems are regularly updated with the latest updates and patches and scanned for the presence of viruses.


All systems have a firewall with a restrictive set of rules.

Request limitation

There is a maximum in the number of requests within a certain amount of time.
When there is an unusually high number of requests or suspicious requests, the originating network will be temporarily blocked.

Server access (SSH)

Access to the servers is limited to only allow our own IP addresses. We have implemented the Mozilla guidelines.

OWASP top 10

Stitch Fiddle complies to the OWASP top 10 (2013).

View or update your security settings

You can review and update your security settings at any time in your account settings.

Report security issue

When you found a security issue, we will really appreciate it and feel grateful to you if you would write us and tell us more about it.


Stitch Fiddle may change this security policy. This page always shows the latest version.

For questions regarding the security policy you may contact us.

The security policy was last modified on January 19, 2018.

Design your first own pattern

Start now designing your own first pattern!

Start now