Security at Compendio

Your journal entries, goals, and habits are deeply personal. Here's how we keep them safe.

Encryption

All connections to Compendio are encrypted with TLS/HTTPS, so your data is protected in transit. At rest, your data is stored in Cloudflare D1 with encryption at the storage layer — no one can read raw database files without the proper keys.

Authentication

Passwords are hashed with Argon2id, the current gold standard for password storage. We also support sign-in with Google and Apple for passwordless convenience, and email verification to confirm your identity. Two-factor authentication via email is available for an extra layer of protection.

Your Data, Your Control

You can export all your data at any time from your account settings. If you want a fresh start, you can reset your account. And if you decide to leave, you can delete your account entirely — we include a 24-hour safety window so you can change your mind, after which all your data is permanently removed.

Privacy by Design

We follow GDPR principles with a clear cookie consent system that lets you choose which cookies to accept. We don't track you beyond what's essential for the app to function. We never sell your data to third parties, and we never will. Your thoughts and reflections are yours alone.

Infrastructure

Compendio runs on Cloudflare Workers, a global edge computing platform. This means your requests are served from the nearest data center for fast, reliable access. We use rate limiting to prevent abuse, validate all inputs to guard against injection attacks, and include CSRF protection on every form submission.

Responsible Disclosure

If you discover a security vulnerability, we'd appreciate your help in disclosing it responsibly. Please contact us at security@compendio.net and we'll work with you to resolve it promptly.

Start your journey

Your data is safe with us. Focus on what matters — we'll take care of the rest.

Create Your Free Account