We take security seriously. Here's exactly how we protect your memories.
How your data is secured at every step
All data between your browser and our servers is encrypted using TLS 1.3, the latest security protocol. This is the same standard used by banks and financial institutions.
Your memories are encrypted using AES-256 when stored in our database. This military-grade encryption ensures that even if someone gained access to our servers, they couldn't read your data without the encryption keys.
Server-side encryption: ZDRAVO uses server-side encryption (not end-to-end). This means we technically can access your data for operations like semantic search, auto-tagging, and generating summaries. We never do this except as required by law or to provide the service you requested.
Where your data lives
Primary data center: AWS US-East (N. Virginia). All data is stored here by default.
GDPR-compliant EU data center option for Enterprise customers.Contact us for early access.
Our commitment to standards
Right to access, delete, and export your data. Data Processing Agreements available for Teams tier.
Audit scheduled for Q3 2025. Estimated certification: Q4 2025.
California privacy compliance roadmap: Q1 2026
What we collect and why
We collect: Your saved conversations, email (for auth), usage analytics (anonymized), and payment info (via Stripe - we never see your card details).
We do NOT collect: Your browsing history outside AI platforms, personal identifiers beyond email, or sell any data to third parties.
Third parties: We use Supabase (database), Vercel (hosting), Stripe (payments), and OpenAI (embeddings for semantic search only - no conversation content sent).
Our uptime commitment
Monthly Uptime Guarantee
β Max 43 minutes downtime per month
β Real-time status: status.zdravoai.com
β Service credits if we fall short (Pro/Teams only)
β Incident response: <15 minutes during business hours
Questions about security?
Contact security@zdravoai.com