Your data is yours.

Your contact network is one of your most valuable professional assets. We treat it that way. Here's exactly how we keep it safe.

Encryption at rest & in transit

All data is encrypted using AES-256 at rest on Supabase (PostgreSQL). All connections use TLS 1.3. Your contact data is never transmitted unencrypted.

Data isolation

Your data is stored in row-level security (RLS) tables. No other user can query your contacts, interactions, or notes. Our own team access is limited and logged.

No AI training on your data

We use AI models (Claude Sonnet, Qwen3) to power recommendations. Your contact data is processed in real-time but never stored by model providers or used to train future models.

Rate limiting & input sanitization

All API endpoints are rate-limited to prevent abuse. All user inputs are sanitized against injection attacks. Sentry monitors for anomalies in real time.

Infrastructure

Database

Supabase (PostgreSQL)

Row-level security enabled

Hosting

Vercel

Edge-optimized, zero-downtime deploys

Monitoring

Sentry

Real-time error tracking

Report a security issue

If you discover a security vulnerability, please contact us immediately at . We will respond within 24 hours and work with you to address the issue responsibly. We do not currently have a formal bug bounty program, but we deeply appreciate responsible disclosure.

Please do not publicly disclose vulnerabilities before we have had a chance to address them.