Priora
    Security & GDPR

    Your data, kept private and secure.

    Priora is built around a simple promise: what you write is yours. Below is how we keep it safe, who can see it, and the rights you have under EU data protection law (GDPR).

    Encryption

    • In transit: all traffic between your device and Priora is encrypted with TLS 1.2+.
    • At rest: the database is encrypted at the storage layer using AES-256.
    • Application-level encryption: your most sensitive content — chat messages with your coaches, session summaries, and check-in reflection text — is additionally encrypted at the application layer before it is written to the database, using a key held in our managed vault rather than in the database itself. A leaked database backup alone would therefore not expose this content in readable form.
    • Passwords are hashed with bcrypt; we never store them in plain text.
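    The application-layer encryption described above, as an added illustration rather than Priora's own code: one sensitive column is encrypted with AES-256-GCM under a data key that lives outside the database, and the ciphertext is bound to its table, column, row and owner through the authenticated associated data. It assumes the `cryptography` package is installed; the vault is stood in for by an `APP_DATA_KEY` environment variable (or a throwaway key so the demo runs offline), and the sample message, table and column names are constructed.

```python
import os
import secrets
from typing import Optional
from cryptography.exceptions import InvalidTag
from cryptography.hazmat.primitives.ciphers.aead import AESGCM

NONCE_LEN = 12  # 96-bit nonce, the recommended size for AES-GCM


def load_data_key() -> bytes:
    """Return the 256-bit data-encryption key.

    A real deployment would fetch this from a managed vault (assumption);
    here the APP_DATA_KEY environment variable (hex) stands in, with a
    freshly generated key as fallback so the example runs offline.
    """
    hexkey = os.environ.get("APP_DATA_KEY")
    if hexkey:
        key = bytes.fromhex(hexkey)
        if len(key) != 32:
            raise ValueError("APP_DATA_KEY must be 32 bytes (AES-256)")
        return key
    return AESGCM.generate_key(bit_length=256)


def row_context(table: str, column: str, row_id: str, owner_id: str) -> bytes:
    """Associated data: binds a ciphertext to its row and owner, so a blob
    copied into another user's row fails authentication instead of decrypting."""
    return f"{table}.{column}|row={row_id}|owner={owner_id}".encode()


def encrypt_field(key: bytes, plaintext: str, aad: bytes) -> bytes:
    # A fresh random nonce per encryption; nonce reuse under one key breaks GCM.
    nonce = secrets.token_bytes(NONCE_LEN)
    return nonce + AESGCM(key).encrypt(nonce, plaintext.encode("utf-8"), aad)


def decrypt_field(key: bytes, blob: bytes, aad: bytes) -> Optional[str]:
    nonce, ct = blob[:NONCE_LEN], blob[NONCE_LEN:]
    try:
        return AESGCM(key).decrypt(nonce, ct, aad).decode("utf-8")
    except InvalidTag:
        return None  # wrong key, wrong row/owner context, or tampered ciphertext


def demo() -> dict:
    """Encrypt one constructed chat message and show what a dump reveals."""
    key = load_data_key()
    msg = "Coach, I skipped my morning check-in again."  # constructed sample
    ctx = row_context("chat_messages", "body", "msg-1", "user-A")
    stored = encrypt_field(key, msg, ctx)  # this is what the database row holds
    other_ctx = row_context("chat_messages", "body", "msg-1", "user-B")
    wrong_key = AESGCM.generate_key(bit_length=256)
    return {
        "dump_is_unreadable": msg.encode("utf-8") not in stored,
        "owner_reads_ok": decrypt_field(key, stored, ctx) == msg,
        "moved_to_other_user_fails": decrypt_field(key, stored, other_ctx) is None,
        "wrong_key_fails": decrypt_field(wrong_key, stored, ctx) is None,
        "backup_view": stored.hex(),  # what a leaked backup would show
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```

    The storage-layer AES-256 the page mentions is transparent to the application and protects against lost disks; this layer is what keeps a logical dump or backup unreadable, and it only holds as long as the data key is never stored alongside the data.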

    Where your data lives

    Priora's database and authentication run on Supabase infrastructure inside the European Union (Frankfurt, Germany). File attachments you upload to chat are stored in the same EU region. We do not transfer your personal data outside the EU/EEA without an appropriate legal mechanism.

    AI responses are generated through the Lovable AI Gateway, which routes prompts to Google (Gemini) or OpenAI (GPT) models. These providers process the prompt only to generate a response and do not train on it.

    Who can see your content

    • You. Row-level security (RLS) policies in the database restrict every query to the rows owned by the authenticated account, so your account is the only one that can read your data.
    • Priora staff: we cannot read your chats, reflections, or session summaries. Because that content is encrypted at the application layer, it is not readable from a database dump. Admins see only aggregate, non-personal usage statistics, used for product improvement.
    • Paddle (Merchant of Record) sees your name, email, billing address, and payment details for processing your subscription — never your coaching content.
    • AI providers see only the prompt content needed to generate a coaching response.

    Account security

    • Email verification is required for new accounts.
    • Passwords are validated against the Have I Been Pwned breach database.
    • Sessions use rotating refresh tokens; sign-in from a new device requires your password.
    • Forgot-password recovery links are single-use and expire shortly after issue.
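    How the breach check in the list above can be done without sending the password anywhere, as an added example that is not Priora's code: the Pwned Passwords range API uses k-anonymity, so only the first five hex characters of the password's SHA-1 leave the client and the full hash is compared locally. The live fetcher targets the documented `https://api.pwnedpasswords.com/range/<prefix>` endpoint; the sample range response and its counts are constructed so the demo runs offline, and the suffix for "password" is the real one.

```python
import hashlib
import urllib.request
from typing import Callable, Dict, Tuple

# Constructed excerpt of a range response for prefix 5BAA6 (not a real download).
# Each line is "<35-hex-char SHA-1 suffix>:<breach count>".
SAMPLE_RANGE_5BAA6 = """\
0F0C7A23CE7F9B05F2C1F8D1E1E3B5C1A2D:2
1E4C9B93F3F0682250B6CF8331B7EE68FD8:3730471
9C3D4B7A8E1F2A3B4C5D6E7F8A9B0C1D2E3:0
"""


def sha1_prefix_suffix(password: str) -> Tuple[str, str]:
    """Split the upper-case hex SHA-1 into the 5-char prefix that is sent
    and the 35-char suffix that is only ever compared locally."""
    digest = hashlib.sha1(password.encode("utf-8")).hexdigest().upper()
    return digest[:5], digest[5:]


def parse_range_response(body: str) -> Dict[str, int]:
    counts: Dict[str, int] = {}
    for line in body.splitlines():
        line = line.strip()
        if not line:
            continue
        suffix, _, count = line.partition(":")
        counts[suffix.upper()] = int(count)
    return counts


def fetch_range_live(prefix: str) -> str:
    """Real network fetch (not used by the offline demo). Add-Padding makes
    every response a similar size so the prefix cannot be inferred from length."""
    req = urllib.request.Request(
        f"https://api.pwnedpasswords.com/range/{prefix}",
        headers={"Add-Padding": "true", "User-Agent": "example-password-check"},
    )
    with urllib.request.urlopen(req, timeout=10) as resp:
        return resp.read().decode("utf-8")


def fetch_range_offline(prefix: str) -> str:
    """Stand-in for the API using the constructed sample above."""
    return SAMPLE_RANGE_5BAA6 if prefix == "5BAA6" else ""


def breach_count(password: str, fetch_range: Callable[[str], str]) -> int:
    prefix, suffix = sha1_prefix_suffix(password)
    body = fetch_range(prefix)  # only the 5-char prefix leaves the process
    return parse_range_response(body).get(suffix, 0)


def password_allowed(password: str, fetch_range: Callable[[str], str] = fetch_range_offline) -> bool:
    """Policy: reject any password seen in a breach at least once."""
    return breach_count(password, fetch_range) == 0


if __name__ == "__main__":
    for candidate in ("password", "correct horse battery staple 2024"):
        print(candidate, "->", "rejected" if not password_allowed(candidate) else "ok")
```

    Swap `fetch_range_offline` for `fetch_range_live` to query the real service; the padding header is worth keeping in production because a response length that varies with the prefix leaks information to an observer.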

    Your rights under GDPR

    As a data subject in the EU/EEA you have the right to:

    • Access the personal data we hold about you.
    • Rectify inaccurate data — most fields are editable in Settings.
    • Erase your data — see the Delete section below.
    • Object to or restrict processing.
    • Port your data to another service. Email us for a machine-readable export.
    • Withdraw consent for any optional processing at any time.
    • Lodge a complaint with your local supervisory authority (in Denmark: Datatilsynet).

    For any of these requests, email info@priora.dk. We respond within one month, the deadline GDPR sets for data-subject requests.

    Deleting your account

    From Settings → Privacy & data you can permanently delete your entire account and all associated data with a single confirmation. This:

    • Removes your profile, every check-in, every chat with every coach, every goal, habit, commitment, insight, recommendation, memory, and notification.
    • Cancels any active subscription with Paddle so no further charges occur.
    • Removes your authentication record. The deletion is immediate and cannot be undone.

    Billing records (invoices, transaction IDs) are retained by Paddle for as long as required by tax and accounting law in your jurisdiction (typically 5–10 years), under their own privacy notice.

    Sub-processors

    • Supabase — managed Postgres database, file storage, and authentication (EU region).
    • Lovable — application hosting and AI Gateway.
    • Paddle.com Market Limited — Merchant of Record for payments, billing, VAT, refunds, chargebacks.
    • Google (Gemini) and OpenAI (GPT) — AI model inference, accessed via the Lovable AI Gateway.

    Reporting a vulnerability

    If you believe you've found a security issue, please email info@priora.dk with details. Please give us a reasonable time to investigate before any public disclosure. We don't currently run a paid bug bounty but we will credit responsible reporters.

    See also: Privacy notice · Terms & Conditions · Refund policy