Security at Klingy
Your memory should belong to you. Here is how Klingy is built to keep it that way.
Encrypted in transit and at rest
All data sent between your device and Klingy is encrypted with HTTPS/TLS. Data stored in our database is encrypted at rest by our cloud provider.
Row-level security
Klingy uses Row-Level Security (RLS) on every database table. You can only access data that belongs to your account. No other user — and no Klingy team member — can read your captures.
Secure authentication
Klingy uses Supabase Auth with email verification. Passwords are never stored in plain text. We support secure session cookies and automatic token rotation.
No data sold to third parties
We do not sell, rent, or trade your data. Captures are processed for AI extraction and organization, then stored securely in your private vault.
Regular backups
Automated backups help protect against data loss. We take reasonable measures to keep your information safe and recoverable.
What we do not claim
Klingy is not end-to-end encrypted (our server processes captures for AI extraction). We are not SOC 2 certified, HIPAA compliant, or zero-knowledge. We are honest about our security posture and are committed to improving it as we grow.