Built to keep your field data private

All traffic is encrypted in transit with HTTPS/TLS 1.2+. Your data — including voice notes — is encrypted at rest in our managed cloud database and storage.

Every table enforces row-level security policies in the database itself. Even if a query somehow escaped the app, the database would still refuse to return another user's routes, stops, contacts, or voice notes.

Optional time-based one-time passwords (TOTP) via Google Authenticator, Authy, 1Password, or any compatible app. Enable it any time in Security settings.

On signup and password change, your password is checked against the Have I Been Pwned database. Passwords known to be exposed in public breaches are rejected — your password itself is never sent in plain text.

Passwords are hashed with bcrypt — we never see or store them. New accounts must confirm their email address before they can sign in.

Voice recordings live in a private storage bucket. They can only be downloaded by an authenticated server function acting on your behalf to generate a transcript.

Payment and route-import webhooks verify cryptographic signatures before any data is touched. Server functions that act as you require a valid auth token on every call.

Delete an individual route, voice note, or your entire account from the app. Account deletion permanently removes your routes, stops, visits, voice notes, and subscription records within 30 days.

Ever. No advertisers, no data brokers, no marketing resellers. Service providers (database, transcription, payments, mapping) only process what they need to deliver the feature you used.