Security

Your journal contains your most private thoughts. We take that responsibility seriously.

🔒

Encrypted in Transit

All data is encrypted via HTTPS/TLS. Your entries never travel over the wire unprotected.

🛡️

Row-Level Security

Our database uses Row-Level Security (RLS) so your data is only accessible to your authenticated account — even at the database level.

🔑

Biometric Lock

On mobile, you can require Face ID or fingerprint to open Auricle. Your journal stays locked even if your phone is accessed.

🚫

No Ads, No Tracking

We do not run ads. We do not sell or share your data with advertising networks or data brokers.

🔐

Secure Authentication

Sign in with Apple, Google, or email. Passwords are never stored in plain text. OAuth tokens are handled securely via Supabase Auth.

🗑️

Full Data Deletion

Delete your account anytime. Your entries, recordings, and voice data are permanently removed from our systems.

A note on AI processing

Auricle's AI features (transcription, questions, reflections, weekly summaries, text-to-speech) require processing your entries on our servers via OpenAI. We do not offer end-to-end encryption because of this. Your entries are processed with the minimum data needed and are never used to train AI models.

Security concerns or vulnerability reports: security@auriclejournal.com