Security

This page summarizes how we protect your data. Complete terms and more detail on data handling are in our Privacy Policy.

Sign-in

Accounts use standard, secure sign-in with optional two-factor authentication. We do not store your password in a form we can read.

Your data

Your journal is protected in transit and at rest. Access on our side is limited to what we need to run the product.

Employee and support access

Routine operation does not require reading your journal entries. If you need hands-on help, you can opt in under Settings → Account → Support → Employee access (off by default). That grants our team permission to access your account data temporarily for troubleshooting; you can revoke it at any time.

Export your data

You can download your journals from the web app: open Settings (gear icon), go to Import / export, and use Export .txt to download a plain-text file containing your entries. To restore or merge history, use Import with Markdown or plain-text files. Export requires signing in at the web app (https://wherewasi.org).

Account deletion

You can start account deletion from Settings → Account in the web app. Deactivation begins a window before permanent removal; see the Privacy Policy for timing and what we delete.

Report a vulnerability

If you believe you have found a security issue, please email security@wherewasi.org. Include enough detail to reproduce the problem and, if you are comfortable, a way to reach you for follow-up. We appreciate responsible disclosure.