LegacyCompass is built on modern cloud infrastructure and follows the security practices expected of products handling personal, medical-adjacent, and financial data. This page describes what we currently do and, honestly, what we do not yet do.
Encryption
- At rest. All database records and uploaded documents are encrypted using AES-256 via our storage provider's native encryption.
- In transit. All traffic between your browser and our servers is protected by TLS 1.2 or higher.
- Credentials. Passwords are hashed with an industry-standard one-way function before being stored. We cannot read your password.
Where your data lives
All production data is hosted on infrastructure physically located in the United States. We do not replicate personal data outside U.S. regions.
Access controls
- Every API route on the platform requires authentication. Each request is resolved to a specific user account before it touches a database row.
- Case ownership is enforced at the API layer: you can only read and modify plans you own or that have been explicitly shared with you.
- Family members invited via a share link receive view-only access by default. Only the case owner can grant edit access.
- Administrative access inside LegacyCompass is gated by role, logged to an immutable audit trail, and limited to a small number of staff members.
Subprocessors
We rely on a small set of trusted infrastructure providers to operate the service. Each of them is bound by a data processing agreement.
- Supabase — primary database, authentication, and document storage (United States).
- Vercel — application hosting and edge delivery.
- Anthropic — the AI model that powers the guided planning chat. Your conversations are not used to train public AI models.
- Stripe — subscription billing and payment processing. LegacyCompass never sees your full card number.
- Resend — transactional email delivery.
- Twilio — optional SMS notifications (only when you opt in).
- Sentry — error monitoring, scrubbed of personal content.
What we do not claim
We believe in being explicit about our limits. As of this writing, LegacyCompass has not completed a SOC 2 Type II audit and is not HIPAA-certified. If your organization requires formal certifications before adoption, please contact us at security@legacycompass.com and we can discuss timelines.
Reporting a vulnerability
If you believe you have found a security issue, please email security@legacycompass.com. We take reports seriously, reply within two business days, and do not pursue legal action against good-faith researchers.