Security & Privacy
We take the security and privacy of your family’s data seriously. This section explains how the system protects your data at every stage.
Design Principles
- Encrypt everything — Screenshots are encrypted on the device with AES-256-GCM before upload and remain encrypted at rest
- Minimise retention — Screenshots are automatically deleted after the configured retention period
- Isolate families — Each family’s data is isolated at the data layer: every query is scoped to the family_id of the authenticated member, so no cross-family access is possible
- Least privilege — Role-based access ensures members only have the permissions they need
- Audit everything — All actions are logged with who did what and when
Security Features
| Feature | Implementation |
|---|---|
| Screenshot encryption | AES-256-GCM (encrypted on device, before upload) |
| Transport security | HTTPS/TLS for all API communication |
| Authentication | JWT tokens with configurable expiry |
| Token revocation | Token blocklist — logging out invalidates the token server-side |
| Password hashing | bcrypt (a random per-password salt is generated as part of the hash) |
| Email verification | Required on signup, 24-hour verification link |
| Rate limiting | Auth endpoints are rate-limited: 3 registration attempts and 5 login attempts per minute |
| Device auth | Devices use API key authentication (X-Device-Id + X-Device-Key headers) |
| Security headers | CSP, HSTS, X-Frame-Options, Referrer-Policy, Permissions-Policy |
| Data isolation | All queries scoped to family_id — no cross-family data access |