Your data security is our priority
HearthKeep is built with security at every layer. Here is how we protect your household data.
Bank-Grade Encryption
All data is encrypted in transit with TLS 1.3 and at rest with AES-256. Your financial information is always protected.
Secure Bank Connections
We use Plaid to connect to your financial institutions. We never see or store your bank login credentials.
Row-Level Security
Every database query is scoped to your household using Supabase RLS policies. Your data is completely isolated from other households.
Multi-Factor Authentication
Protect your account with TOTP-based two-factor authentication. Available for all household members.
No Password Storage
HearthKeep uses magic links and OAuth for authentication. We never store passwords in our database.
Security Headers
We enforce strict Content Security Policy, HSTS, X-Frame-Options, and other security headers to protect against common web attacks.
Regular Backups
Your data is backed up continuously with point-in-time recovery. Backups are encrypted at rest.
Minimal Data Collection
We only collect data necessary to provide the service. We never sell your data to third parties.
Found a vulnerability?
We take security reports seriously. Please email us at admin@hearthkeep.ai and we will respond within 24 hours.