Data Encryption

All data transmitted between your devices and Alfred is encrypted using TLS 1.3 (encryption in transit). Your data stored on our servers is encrypted at rest using AES-256 encryption, the same standard used by banks and government agencies.

Secure Infrastructure

Alfred is built on Supabase, which runs on enterprise-grade infrastructure with built-in security controls including row-level security, role-based access control, and automated backups. Our application is deployed on Vercel with edge network protection and DDoS mitigation.

Authentication & Access Control

We use industry-standard authentication with secure password hashing (bcrypt) and support for multi-factor authentication. Family data is isolated at the database level — your family's information is never accessible to other users.

SOC 2 Compliance

We are actively working toward SOC 2 Type II certification. Our infrastructure providers (Supabase and Vercel) are already SOC 2 compliant. We follow SOC 2 principles for security, availability, and confidentiality in our own processes.

Regular Security Audits

We conduct regular security reviews of our codebase and infrastructure. We use automated vulnerability scanning, dependency monitoring, and follow secure development practices including code review for all changes.

Data Privacy

We never sell your data. We only use your information to provide and improve Alfred. For full details, see our Privacy Policy.

Report a Vulnerability

If you discover a security issue, please report it responsibly to support@alfredfamily.ai. We take all reports seriously and will respond promptly.