Propiology

Security & Privacy

Your data belongs to you.

Propiology is built on AWS infrastructure with security and privacy as architectural properties — not afterthoughts.

Authentication & Identity

AWS Cognito

All user authentication is managed by AWS Cognito with industry-standard password hashing, email verification, and optional TOTP multi-factor authentication.

Role-based access control

Five Cognito user groups (End-Users, Coaches, Corporate Admins, Healthcare Providers, Super Admins) with group-level permissions enforced at the API and data layer.

Session management

JWTs with configurable expiry. No session tokens are stored in plain text. Cognito handles token rotation and revocation.

Data Storage & Encryption

DynamoDB at rest

All user data — habits, Readiness Scores, journal entries, AI conversations, and biometric entries — is stored in AWS DynamoDB with encryption at rest using AWS-managed keys (AES-256).

S3 object storage

Reports and profile images are stored in AWS S3 with server-side encryption. Object-level access control is enforced by pre-signed URLs with short expiry windows.

In-transit encryption

All data in transit uses TLS 1.2 or higher. API endpoints are HTTPS-only. No unencrypted channels.

Individual Data Privacy

Your data is yours

Journal entries, AI conversations, and biometric data are private to you by default. No administrator — including your organization's HR department — can access this data without your explicit consent.

Data export

You can export all your data (habits, scores, journal entries, AI conversations) in JSON format from account settings at any time.

Account deletion

Deleting your account permanently removes your data from our systems within 30 days. Exported reports held by your organization are not affected by this deletion.

90-day data retention after cancellation

If your subscription lapses, your data is preserved in read-only mode for 90 days. You can export everything during this window.

Team & B2B Data (Command Center)

Anonymized by default

In the Command Center, individual Readiness Scores are anonymized by default. Corporate Admins see aggregate scores, not individual data.

Consent-based individual access

A Corporate Admin can request individual access. The End-User receives an in-app and WhatsApp notification. The user explicitly accepts or declines. No access is granted without affirmative consent.

Audit logging

Every consent event, access grant, access revocation, and data export is logged to DynamoDB with ISO 8601 timestamp, actor ID, and action type. Logs are immutable and exportable for compliance review.

Consent revocation

Users can revoke individual access grants at any time from account settings. Revocation takes immediate effect.
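The consent-gated access and audit trail described in this section, as an added Python illustration (not Propiology's own code): an in-memory stand-in for the consent and audit records, with hypothetical class and action names, showing that individual scores are withheld until affirmative consent, that revocation takes effect on the next check, and that every event lands in an append-only log with an ISO 8601 timestamp, actor ID and action type.

```python
from dataclasses import dataclass
from datetime import datetime, timezone


@dataclass(frozen=True)
class AuditEvent:
    """Immutable record: ISO 8601 timestamp, actor ID, action type and the subject."""
    timestamp: str
    actor_id: str
    action: str
    subject_id: str


class ConsentGate:
    """Hypothetical in-memory stand-in for the consent and audit tables (illustration only)."""

    def __init__(self) -> None:
        self._grants: set[tuple[str, str]] = set()   # (admin_id, user_id) pairs with active consent
        self._log: list[AuditEvent] = []             # append-only; exposed read-only via audit_log()

    def _record(self, actor_id: str, action: str, subject_id: str) -> None:
        ts = datetime.now(timezone.utc).isoformat()  # ISO 8601 in UTC, e.g. 2024-01-01T12:00:00+00:00
        self._log.append(AuditEvent(ts, actor_id, action, subject_id))

    def request_access(self, admin_id: str, user_id: str) -> None:
        # The admin asks; the End-User is notified out of band and must answer explicitly.
        self._record(admin_id, "ACCESS_REQUESTED", user_id)

    def respond(self, user_id: str, admin_id: str, accept: bool) -> None:
        if accept:
            self._grants.add((admin_id, user_id))
            self._record(user_id, "CONSENT_GRANTED", admin_id)
        else:
            self._record(user_id, "CONSENT_DECLINED", admin_id)

    def revoke(self, user_id: str, admin_id: str) -> None:
        self._grants.discard((admin_id, user_id))    # effective on the very next check
        self._record(user_id, "CONSENT_REVOKED", admin_id)

    def individual_score(self, admin_id: str, user_id: str, scores: dict[str, int]):
        """Return the user's individual score only under affirmative consent; otherwise None."""
        if (admin_id, user_id) not in self._grants:
            return None
        self._record(admin_id, "INDIVIDUAL_ACCESS", user_id)
        return scores[user_id]

    def audit_log(self) -> tuple[AuditEvent, ...]:
        return tuple(self._log)
```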

Infrastructure & Compliance

AWS Amplify Gen 2

Deployed on AWS Amplify Gen 2 with CDK-based backend infrastructure. CI/CD pipeline with automatic deployments from GitHub. Branch preview environments for testing.

Region

Data stored in AWS us-east-1 (United States) by default. Enterprise customers in specific regulatory jurisdictions can request data residency in other AWS regions.

HIPAA posture

Propiology's data architecture is designed with HIPAA compliance in mind — Cognito authentication, DynamoDB encryption at rest, audit logging, and consent model. Customers in regulated healthcare settings should consult with their compliance team before deployment.

SOC 2

AWS infrastructure (Cognito, DynamoDB, S3, Lambda) is SOC 2 Type II certified. Propiology application-level SOC 2 compliance is on the roadmap for post-MVP.

WhatsApp & Third-Party Integrations

WhatsApp (Twilio)

WhatsApp messages are sent via Twilio's WhatsApp Business API. Your WhatsApp number is stored encrypted in DynamoDB. Opt-in and opt-out are controlled from your account settings. Twilio processes messages under their own privacy policy.

Biometric providers

Fitbit and Garmin integrations use OAuth 2.0. We store only the OAuth refresh token (encrypted) and the biometric data pulled via the API. We do not store raw OAuth credentials.

AI providers

AI tool conversations are sent to Anthropic's Claude API (or OpenAI, if configured). Your conversation content is processed according to the AI provider's data processing agreement. We store conversation history in DynamoDB under your account.

Stripe

Payment processing uses Stripe. We do not store full payment card numbers. Stripe processes payments under PCI DSS compliance. We store your Stripe customer ID and subscription status in DynamoDB.

Security questions or incidents

For security disclosures or data privacy inquiries, contact us at hello@propiology.com.

We respond to security inquiries within 24 hours on business days.
