Each interaction between the heater and the cloud uses an encryption (CBC AES) to prevent that the data transfer to the cloud is breached. This is a secret symmetric-key algorithm for encryption. Simultaneously, to make sure the encryption is not hacked, the secret key on the heaters side of the interaction is dynamically negotiating and updating in the cloud to reduce the risk of being hacked.
Further your personal password to the Millheat app is run through a https protocol that makes sure the password is not revealed in the communication with the cloud.
All communication between the Millheat app and the heater take place in our server on AWS (Amazon Web Services) in Europe.