AaiBuddyAI Companion
← Back to site

How we protect you

Security

Security is built into AaiBuddy from the data model up. A few of the practices we hold ourselves to during the preview.

Credentials

Passwords are stored only as salted hashes — never in plain text — and reused passwords are rejected on reset.

Password-reset and verification codes are single-use, time-limited, attempt-limited, and stored only as hashes.

Secrets & tokens

Third-party tokens for connected products live in a dedicated secrets manager. Our database keeps only a reference, so raw secrets never sit in app storage.

Transport & access

Traffic is served over TLS. Access to data is scoped per account and guarded by signed, expiring session tokens.

Sessions can be reviewed and revoked, and sign-out ends the active session.

Responsible disclosure

Found something? We welcome reports and will work with you to confirm and fix issues quickly.

Effective 1 June 2026 · Early preview · Report: security@aaibuddy.local

More policies:Terms and ConditionsPrivacySecurity