Trust & Safety

Your data, safe by default.

How we store, encrypt, and control access to the identity and credit information you trust us with.

Encryption at rest

256-bit encryption on every row that contains credit or identity data. Sensitive columns use column-level encryption; larger payloads reference encrypted storage with short-lived tokens.

Encryption in transit

TLS 1.2 or better on every request. HSTS is enforced on our production domain. Internal service-to-service traffic is also TLS-encrypted.

No raw reports on disk

We deliberately do not persist raw credit reports on our infrastructure. Your report view is reconstructed from a short non-PII summary plus an encrypted reference token.

Row-level access control

Every table in the database enforces row-level security. Members can read only their own rows; administrators read via the service role with every action audit-logged.

Audit log on every sensitive action

Logins, password changes, report pulls, subscription changes, refund actions, and admin touches are all written to an append-only audit log with actor, timestamp, and IP.

Deletion on request

Close your account any time. Your profile and associated rows are removed within our scheduled window; audit records are retained only as long as law requires, then purged.

Under the hood

How your data flows, in plain English

Signup

When you create an account, your email and password hash live in the auth system. A corresponding profile row is created on our side — only the minimum needed to deliver the service.

Running a report

When you click Run Report, we charge your card and call our licensed credit-API partner on your behalf. The report is stored encrypted, and only a reference token plus a short summary (scores, counts, utilization buckets — nothing personally identifying) lives in our database. When you view the report, we fetch and decrypt on demand.

Administrative access

Our support team uses a service-role connection that bypasses row-level security only for necessary operations. Every administrative action is recorded in the audit log with the admin's identity, what was accessed or changed, and when.

Backups

Database backups are encrypted, retained on a fixed schedule, and rotated. Restoration from backup requires administrative approval and is audit-logged.

Account closure

When you close your account, we revoke access immediately. Your profile and associated rows are purged on a scheduled sweep — audit records are kept only as long as legally required, then deleted as well.

Encryption

256-bit

At rest and in transit

TLS minimum

1.2+

Enforced with HSTS

RLS enforcement

Every table

Force-RLS on sensitive tables

Raw report storage

None

Reference tokens only

Want the formal version?

Our Privacy Policy and Data Compliance pages spell out the legal framework in more detail.