Security

• Accounts require email and password authentication.
• Email verification is required before activating a trial.
• Readiness Rooms are private to the owner and the members they invite.

• Row-Level Security (RLS) is enabled on user data tables.
• Room data is restricted to the room owner and active members.
• User legal consent records are accessible only to the user who created them.

• Documents are stored in a private storage bucket and are not publicly listable.
• Access to a document requires authenticated, authorized membership in the owning room.

• The AI Coordinator never silently writes important changes.
• AI-proposed changes are surfaced for human confirmation before they take effect.
• Destructive actions (delete, share, finalize) require explicit confirmation.

We do not currently claim SOC 2, ISO 27001, HIPAA, or formal external audits. We do not guarantee end-to-end encryption beyond standard TLS in transit and provider-managed encryption at rest. As Relocen matures, we will update this page rather than overstate the current posture.

If you discover a security issue, please email amosiashvili2@gmail.com with details. Please do not publicly disclose the issue until we have had a reasonable chance to investigate.