Security Policy

The security of your personal information is important to us. We use reasonable and appropriate physical, technical, and administrative industry safeguards to protect information from unauthorized access, use, loss, misuse or unauthorized alteration.

What we do

Our systems never access your full credit card number, and we encrypt the most sensitive information like tax information using transport layer security (TLS). We also offer advanced security measures, such as two-factor authentication for signing in, and CAPTCHA verification in cases when a bot is detected, when a user attempts to login from a suspicious IP address or after rapid succession login attempts. We only serve traffic over HTTPS, which encrypts all data between you and us.

What you should do

As a creator or patron, you can help prevent unauthorized access to your account and information by choosing a strong and unique password which is stored in a password manager. If you have any questions about the security of your personal information, you can contact us at [email protected].

If you are a security expert or researcher and you believe that you have discovered a security-related issue with Patreon, we appreciate your help in disclosing the issue to us responsibly. You can sign up for our bug bounty program and submit bug reports to us at [email protected]. Please include a detailed description of the issue and the steps required to reproduce what you have observed when you submit bug reports. For sensitive issues, you can use our PGP key: https://www.patreon.com/security_pgp_key.asc

What you should not do

Please do not engage in any behavior that endangers the security of our website and users. Below are some examples of things you should not do on Patreon.

  • Illegal Activities - Don’t break the law or encourage others to break the law.
  • Personal Information - Don’t distribute others’ personal information or otherwise abuse it. Creators with access to their patrons’ personal information should not use it for anything unrelated to Patreon.
  • Spam - Don’t spam others or distribute unsolicited advertising material.
  • Malware - Don’t use Patreon to host or distribute, malicious or destructive software.
  • Service Degradation - Don’t degrade others’ use of Patreon or do any kind of brute force or load testing.
  • Data Mining - Don’t crawl, scrape or otherwise index information on Patreon. If you are doing this to create a useful feature then we may allow it, but you must check with us first.
  • Reverse Engineering - Don’t reverse engineer or access our code in any manner that is not authorized by us. If you are interested in improving Patreon’s security, email [email protected] to sign up for our bug bounty program.

If you engage in any of these behaviors, or otherwise endanger the security of our website and users we may terminate your account.