Security
Your data is secure. Your privacy is protected. We never train on your conversations.
Your data never trains our AI
Pictor uses Anthropic's Claude API for AI coaching. Anthropic does not train on customer data. Your conversations remain completely private and are never used to improve AI models or shared with other customers.
Enterprise-grade security
All your data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. We use Supabase (PostgreSQL) for secure data storage with enterprise-level security controls.
Every database table has Row-Level Security (RLS) policies ensuring users can only access their own data. This prevents any data leakage between users.
Secure authentication
We use industry-standard bcrypt password hashing with HTTP-only secure cookies. Admin accounts have additional protection with automatic lockout after 5 failed login attempts.
GDPR compliant
Pictor is fully compliant with GDPR, CCPA, and international privacy regulations. You have full control over your data and can export or delete your account at any time.
No third-party data sharing
We never sell, rent, or share your data with third parties. Your coaching conversations, insights, and session data remain completely private.
Data retention
You own your data. When you delete your account, all your data is permanently and immediately removed from our systems. This action cannot be undone.
Questions?
For security questions or to report a vulnerability, contact us at info@yourpaths.eu
Read our Privacy Policy for more details.