Security & Privacy
How we protect your sensitive family data
GenogramAI handles sensitive family information including medical histories, relationships, and personal details. We take security seriously with client-side encryption and privacy-first design.
Encryption
All genogram data is encrypted using AES-GCM before leaving your browser. This means even if someone accessed the database, they could not read your data.
User-Derived Keys
Encryption keys are derived from your unique user ID. Only you can decrypt your data.
AES-GCM Algorithm
Industry-standard 256-bit AES encryption with Galois/Counter Mode for authenticated encryption.
Client-Side Encryption
All data is encrypted in your browser before being sent to the server. The server never sees plaintext.
Secure Storage
Encrypted data is stored in Supabase with additional database-level security measures.
How Encryption Works
Key Derivation
When you sign in, a unique encryption key is derived from your user ID using cryptographic functions. This key exists only in your browser memory.
Encryption Before Save
When you save your genogram, the data is encrypted in your browser using AES-GCM. A random IV (initialization vector) is generated for each save.
Secure Transmission
Only encrypted (ciphertext) data is sent to Supabase servers over HTTPS. The server receives and stores data it cannot read.
Decryption on Load
When you load a genogram, encrypted data is fetched and decrypted in your browser using your derived key. Plaintext never leaves your device.
Zero-Knowledge Architecture
GenogramAI uses a zero-knowledge approach—we cannot see, read, or access your family data. Even our database administrators cannot decrypt your genograms.
Privacy Practices
- Genogram data is never shared between users
- No third-party analytics on your genogram content
- AI processing is stateless - prompts are not stored
- Full data deletion with cascade on account removal
- No selling or monetization of user data
- Minimal data collection - only what is necessary
AI & Your Data
What AI Sees
- Your text prompts (for generation)
- Uploaded images (for vision processing)
- Current genogram state (for editing)
What AI Does NOT Store
- Prompts are not logged or saved
- Images are processed and discarded
- No training on your data
AI Processing Disclaimer
When you use AI features, your prompts and images are sent to Google's Gemini API for processing. While Google has strong privacy practices, this data briefly leaves GenogramAI's systems. For maximum privacy, use manual editing only.
Data Deletion
Deleting Your Data
You have full control over your data. When you delete a genogram or your account:
- Individual genograms can be deleted permanently from your dashboard
- Account deletion removes all associated genograms via cascade delete
- Deleted data is permanently removed from our databases
- No backups are kept of deleted encrypted data
Security Best Practices
Use Strong Authentication
Sign in with Google or create a strong password for your account.
Regular Backups
Export your genograms as JSON files periodically for local backup.
Be Mindful of Sharing
When sharing PNG exports, remember they may contain sensitive family information.
Use Private Browsing Wisely
If using a shared computer, consider private/incognito mode and sign out when done.
Review Before Export
Double-check what data is visible before exporting or sharing genograms.
Security Questions?
If you have concerns about security or need to report a vulnerability, please contact us. We take all security reports seriously.