✚
Encrypted records
Medical, allergy and contact details are field-encrypted with AES-256-GCM at rest — readable only inside your estate, with the key held separately from everything else.
Discretion, by design
Privacy is the product.
A private household trusts you with its most sensitive details. The system is built so that trust is structural — not a policy, but how the software works.
◇
Sealed tenants
Every household is isolated from every other. The boundary is enforced on every request and proven by an automated regression test — not trusted to convention.
◆
Immutable audit
An append-only record of who changed what, when, and from where — the trail a principal can rely on, and the proof of service a household runs on.
⟲
Recoverable
Point-in-time recovery sits behind the live database, with an encrypted daily backup in separate storage. A mistake is reversible; the record is durable.
⛨
Hardened access
Strong password hashing, revocable sessions, a bot gate on public paths, and rate limits on sign-in — access is gated by role, and the operator can revoke in one click.
▲
Encrypted transport
HTTPS is forced at the edge with HSTS and a full set of security headers. Nothing leaves the household in the clear.
In one line
Built to keep a confidence.
Least privilege
Each person sees only what their role and the household's plan allow — nothing more.
No data resale
Your estate's data is yours. It is never sold, shared, or used to train anything.
Under NDA
Every engagement begins under a non-disclosure agreement. Discretion is a discipline.
Private · By invitation
Read the full security brief.
Shared with prospective estates, under NDA. Request it →
Request access