Your privacy is our priority

We built allora with security and privacy at its core.

Encryption in Transit

All communication between your phone and our servers uses HTTPS with TLS encryption. SMS messages are transmitted through Twilio's secure infrastructure.

Secure Infrastructure

Hosted on Railway with isolated containers, automatic security updates, and managed PostgreSQL with encrypted connections.

No Password Storage

We use phone-based authentication. No passwords to steal or forget. Your phone number is your identity.

Data Minimization

We only collect what's necessary: your phone number, timezone, and the messages you send us. Nothing more.

No Data Selling

We never sell, share, or trade your personal data. Your reminders are private between you and allora.

Webhook Verification

All incoming webhooks (SMS, payments) are cryptographically verified to prevent spoofing and unauthorized access.

Our Security Practices

Data Handling

  • Your messages are processed by AI to create reminders. The AI context is not retained after processing.
  • We never sell or share your data with advertisers.
  • Your data is stored on servers in the United States.
  • Database connections are encrypted using SSL.

Third-Party Services

We use trusted third-party services with strong security track records:

  • Twilio - Enterprise-grade SMS infrastructure with SOC 2 compliance.
  • Stripe - PCI-DSS Level 1 certified payment processing. We never see or store your card details.
  • Railway - Cloud hosting with isolated containers and managed databases.
  • Anthropic/OpenAI - AI providers with enterprise data handling policies.

What We Don't Do

  • We don't track your location.
  • We don't read your messages for advertising.
  • We don't sell your data to third parties.
  • We don't store your payment card details (Stripe handles this).

Reporting Security Issues

If you discover a security vulnerability, please email hello@textallora.com. We appreciate responsible disclosure and will respond within 48 hours.

Questions?

Have questions about our security practices? Contact us and we'll be happy to help.