🔒 Enterprise-Grade Security

Your Memories Are Protected by Design

We built EchoeBack with security at the core — not as an afterthought. Your capsules are encrypted, access-controlled, and stored on infrastructure trusted by millions worldwide.

Infrastructure & Encryption

Every layer of EchoeBack is built on proven, audited technology.

🔐

AES-256 Encryption

All data is encrypted at rest using AES-256, the same standard used by banks and governments. Your capsules are unreadable without your authentication.

🔗

TLS 1.3 in Transit

Every connection between your device and our servers uses TLS 1.3 encryption. Your data is protected from interception at every point.

☁️

AWS Cloud Infrastructure

We host on Amazon Web Services — the same infrastructure used by Netflix, NASA, and major banks. SOC 2 certified data centers with 99.99% uptime.

🗄️

Supabase Database

Built on PostgreSQL with Row Level Security (RLS). Every database query is scoped to the authenticated user — no one else can access your data.

📹

Secure Video Storage

Video capsules are stored in encrypted S3 buckets with signed URLs. Files are only accessible through authenticated, time-limited links.

🔑

Authentication

Passwords are hashed with bcrypt. Sessions are managed with secure, httpOnly tokens. Supports password reset with email verification.

Access Control & Privacy

Your capsules are yours. We enforce strict access controls at every level.

👤

User-Scoped Data

Row Level Security (RLS) policies ensure every query is filtered by your user ID. Even our own team cannot read your capsule content.

📧

Delivery Verification

Email capsules are delivered only to the intended recipient at the scheduled time. Recipient identity is verified through the unique delivery link.

🛡️

Content Moderation

Shared content goes through a review queue before becoming public. Private capsules are never reviewed, accessed, or shared — ever.

🗑️

Account Deletion

Full account deletion is available. When you delete your account, all associated data — capsules, videos, letters — is permanently removed.

Compliance & Standards

We follow industry best practices and comply with data protection regulations.

🔒
SSL/TLS: Encrypted connections everywhere
🏛️
GDPR Ready: Data portability & right to delete
💳
PCI DSS via Stripe: We never store your card details
☁️
AWS SOC 2: Certified cloud infrastructure

Our Security Commitments

What we promise and how we deliver.

🛡️ What We Guarantee

  • We never sell your data to third parties — ever
  • We never read your private capsule content
  • All passwords are hashed, never stored in plain text
  • Payment processing is handled entirely by Stripe — we never see your card
  • Video files are encrypted at rest in private S3 buckets
  • Database access is restricted by Row Level Security policies
  • We perform regular security reviews of our codebase
  • All API endpoints require authentication tokens
  • Account deletion permanently removes all your data
  • We use HTTPS everywhere — no exceptions

Questions About Security?

We take your privacy seriously. Reach out to our team anytime.

Contact Our Team