PAJR encrypts every message on your device before it leaves, and the message stays encrypted in transit (TLS) and at rest. Each device has its own key, shared only between that device and the PAJR backend, so the backend can decrypt a message for the moment needed to hand it to the Gmail API; outside that step, message content is not stored, logged, or read. Because the backend holds that key, PAJR's "end-to-end" encryption is device-to-backend encryption: the backend sits inside the trust boundary, unlike a zero-knowledge design where the provider cannot decrypt at all. Customer data is contractually excluded from AI model training.
🔐 Authentication & Access Control
JWT-Based Authentication
- Signed bearer tokens (JWT) identify the user on each API call
- Configurable token expiry (30-day default)
- Signature and expiry validated on every request
- Refresh flow renews sessions without a new login
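The checks that "token validation on every request" has to perform, as an added example written for this page rather than PAJR's own code. It uses only the standard library, assumes a single server-side HMAC secret (HS256), keeps the page's 30-day default expiry, and its claim names, error type and function names are this example's own choices.

```python
"""HS256 JWT mint/verify with the standard library only.

Added example, not PAJR's code. Assumes one server-side HMAC secret and the
page's 30-day default expiry; claim set, error type and names are assumptions.
"""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional

DEFAULT_TTL = 30 * 24 * 3600  # 30-day default expiry, per the page


class TokenError(Exception):
    """Any token that must be rejected: malformed, forged, wrong alg, expired."""


def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def b64url_decode(text: str) -> bytes:
    # JWT strips base64 padding; restore it before decoding.
    try:
        return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))
    except (ValueError, UnicodeEncodeError) as exc:
        raise TokenError("segment is not base64url") from exc


def _sign(secret: bytes, signing_input: bytes) -> bytes:
    return hmac.new(secret, signing_input, hashlib.sha256).digest()


def mint_token(secret: bytes, user_id: str, ttl: int = DEFAULT_TTL,
               now: Optional[int] = None) -> str:
    """Issue a token for user_id that expires ttl seconds from now."""
    now = int(time.time()) if now is None else now
    compact = {"separators": (",", ":")}
    header = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}, **compact).encode())
    payload = b64url_encode(json.dumps({"sub": user_id, "iat": now, "exp": now + ttl},
                                       **compact).encode())
    signing_input = f"{header}.{payload}".encode()
    return f"{header}.{payload}.{b64url_encode(_sign(secret, signing_input))}"


def verify_token(secret: bytes, token: str, now: Optional[int] = None) -> dict:
    """Run on every request: check shape, alg, signature, then expiry; return claims."""
    now = int(time.time()) if now is None else now
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenError("token must have three segments")
    header_b64, payload_b64, sig_b64 = parts
    try:
        header = json.loads(b64url_decode(header_b64))
    except ValueError as exc:
        raise TokenError("header is not JSON") from exc
    # Pin the algorithm server-side. Trusting the header's "alg" is what
    # enables the classic "alg": "none" bypass and HS256/RS256 confusion.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        raise TokenError("unsupported alg")
    expected = _sign(secret, f"{header_b64}.{payload_b64}".encode())
    # Constant-time comparison so a forger learns nothing from response timing.
    if not hmac.compare_digest(expected, b64url_decode(sig_b64)):
        raise TokenError("bad signature")
    try:
        claims = json.loads(b64url_decode(payload_b64))
    except ValueError as exc:
        raise TokenError("payload is not JSON") from exc
    exp = claims.get("exp") if isinstance(claims, dict) else None
    if not isinstance(exp, int) or now >= exp:
        raise TokenError("token expired")
    return claims
```

The order matters: the algorithm is pinned before the signature is checked, the signature is checked before any claim is trusted, and only then is expiry evaluated. A refresh endpoint would call verify_token and, on success, mint_token again for the same subject; it must never accept an expired token as proof of identity.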
Password Security
- Passwords hashed with bcrypt (a per-password salt is part of every bcrypt hash)
- Passwords never stored in plain text
- Strength validation (8+ chars, mixed case, numbers)
- Verification by bcrypt hash comparison, never by comparing a stored plaintext
OAuth Integration
- Google OAuth 2.0 support
- Microsoft Outlook OAuth
- Slack OAuth integration
- OAuth tokens encrypted at rest
Email Verification
- Email confirmation required
- Secure confirmation tokens
- Account activation workflow
- Prevents sign-up with an email address the user does not control
🛡️ Data Protection & Encryption
End-to-End Encryption
- AES-256-GCM encryption for all sensitive data
- Messages encrypted on the device before transmission
- Device-specific keys, shared between the device and the backend (the backend needs them to deliver mail)
- All data encrypted in transit (MQTT over TLS)
- All data encrypted at rest (Firestore encryption at rest)
- Messages decrypted only momentarily, in memory, for delivery via the Gmail API
Encryption in Transit
- HTTPS with TLS 1.2 or newer for all API communications
- MQTT over TLS for device communication
- Data encrypted on the device before transmission, so TLS is a second layer rather than the only one
- Server certificate validation enforced on clients
- WebSocket connections over TLS (wss)
- Voice recordings encrypted before sending
Database Security
- Google Cloud Firestore (managed service)
- Automatic encryption at rest
- Access control via IAM
- Audit logging enabled
Key Management
- User encryption keys generated client-side
- Each device holds its key; the backend keeps a copy in encrypted storage so it can decrypt for delivery (this is the trust assumption behind "we decrypt momentarily")
- Encrypted key backups, unlocked only by the user's password
- Multi-device key sharing via secure exchange
- Key rotation support
- Google Cloud Secret Manager holds service secrets only, never user keys
🤖 AI & LLM Security
Enterprise-Grade AI Provider: PAJR uses AWS Bedrock with Anthropic Claude, an enterprise-grade AI service that provides explicit contractual guarantees that customer data is never used for AI model training. All AI processing occurs through SOC 2 Type II certified and HIPAA eligible infrastructure.
Privacy Guarantees
- Customer data NOT used for training
- Contractual privacy guarantees
- Data residency controls
- Private networking support (AWS PrivateLink)
Compliance Certifications (of the AWS Bedrock infrastructure)
- SOC 2 Type II certified
- HIPAA eligible
- ISO 27001 compliant
- GDPR compliant infrastructure
AI Service Security
- Data stays encrypted until the request to the model is built
- Plaintext exists only in memory, for the duration of the inference call
- Results encrypted before storage
- Audit logs and monitoring record metadata only, never prompts or model output
- Access controls and IAM
- Data isolation per customer
🌐 API & Network Security
API Protection
- Authentication required for protected endpoints
- JWT token validation
- User-based access control
- Request logging and monitoring
Security Headers
- X-Content-Type-Options: nosniff
- X-Frame-Options: DENY
- X-XSS-Protection set (a legacy header that current browsers ignore; it is not a substitute for output encoding or a Content-Security-Policy)
- Configurable CORS allow-list
Input Validation
- Email format validation
- Password strength requirements
- Username format validation
- Input sanitization
Device Communication
- MQTT over TLS (port 8883)
- Device authentication required
- Voice recordings encrypted on device before transmission
- All sensitive data encrypted end-to-end
- Device encryption keys stored securely on device
- Secure device registration
☁️ Infrastructure Security
Cloud Platform
- Google Cloud Run (managed service)
- Automatic scaling and load balancing
- DDoS protection
- Automatic security updates
Container Security
- Docker containerization
- Minimal base images
- No unnecessary dependencies
- Regular security scanning
Network Security
- HTTPS-only communication
- Private networking support
- Firewall rules and access controls
- VPC isolation available
Monitoring & Logging
- Request logging
- Error tracking
- Security event monitoring
- Audit trail maintenance
📋 Compliance & Privacy
📄 Privacy Policy & Legal Documentation
Complete Documentation: For complete details about how we collect, use, and protect your data, please review our comprehensive legal documentation:
What Data We Collect
Account Information
- Email address (required)
- Password (hashed, never plain text)
- First name, last name (optional)
- PAJR username
- Account settings and preferences
Communication Data
- Message content (encrypted end-to-end)
- Voice recordings (encrypted)
- Transcriptions (encrypted)
- Delivery metadata (timestamps, sizes, IDs), never content
Device & Service Data
- Device IDs and credentials (encrypted)
- OAuth tokens (encrypted)
- Service account information (encrypted)
- System logs (metadata only)
How We Use Your Data
Service Provision
- Authenticate and secure your account
- Process and deliver messages
- Enable voice transcription and AI responses
- Manage device connections
- Send service notifications
AI Processing
- Messages processed via AWS Bedrock (Anthropic Claude)
- Data stays encrypted until the model request is built
- Plaintext only in memory, for the duration of the call
- NEVER used for AI training
- Contractual privacy guarantees
Security & Compliance
- Detect and prevent fraud/abuse
- Comply with legal obligations
- Enforce Terms of Service
- Maintain security audit logs
Data Protection & Sharing
What We Do NOT Do: We do NOT sell your data. We do NOT share your data with advertisers. We do NOT use your data for marketing without consent. We do NOT use your data for AI model training. We do NOT log message content or identifying information.
Third-Party Services
- Google Cloud (infrastructure) - SOC 2, GDPR
- AWS Bedrock (AI) - SOC 2, HIPAA, no training
- Gmail/Outlook APIs (delivery only)
- Every connection to a third party is encrypted in transit; Gmail/Outlook and Bedrock receive plaintext only for the duration of the delivery or inference call, since neither can act on ciphertext
Legal Requirements
- Comply with legal obligations
- Respond to valid legal requests
- Protect rights and safety
- Investigate Terms violations
Your Rights & Choices
Access & Control
- Access your personal data
- Export your data (portability)
- Update account information
- Change privacy settings
Deletion Rights
- Delete your account anytime
- Delete specific messages
- Disconnect services
- Request data deletion
GDPR Rights (EU Users)
- Right to access
- Right to rectification
- Right to erasure
- Right to data portability
- Right to object
Data Retention & Deletion
Retention Periods
- Account data: While account active
- Messages: Per your settings (default: not retained)
- Voice recordings: Per your settings
- System logs: Security purposes (metadata only)
Deletion Process
- Immediate account disable
- Secure data deletion
- Backup data deletion
- Legal retention only when required
- Completion within 30 days
For complete details, please review our full documentation:
🔍 End-to-End Encryption Architecture
🔒 Your Messages Are Encrypted: Messages are encrypted on your device and stay encrypted in transit and at rest; the backend decrypts only momentarily to deliver via the Gmail API and does not store, log, or read message content. All identifying information (sender, receiver, subject) is redacted from logs, which record metadata only. The backend holds the device key needed for that delivery step, so it sits inside the trust boundary.
What We Minimize Access To
- Email content (subject, body) - decrypted only for delivery
- Voice recordings - encrypted in transit and at rest
- Transcriptions - encrypted in transit and at rest
- Messages - encrypted in transit and at rest
- OAuth tokens - encrypted at rest
- Device credentials - encrypted end-to-end
- All identifying info redacted from logs
What We Log (Metadata Only)
- Timestamps
- Data sizes
- Processing status
- Device IDs
- User IDs
- Error flags
- System metrics
- Message flow (device ↔ account)
How It Works
- Data encrypted on your device
- Encrypted data sent to server (MQTT over TLS)
- Server stores encrypted data at rest
- Server decrypts only momentarily for delivery
- Messages sent via Gmail API
- No message content stored or logged
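The "What We Log (Metadata Only)" list above is easiest to enforce as an allow-list: a log record is assembled from named metadata keys, never by copying a message object and deleting content fields from it. The example below is added for this page and is not PAJR's code; its field names, the LogLeak guard, and the sample delivery result are constructed for the illustration.

```python
"""Metadata-only log records for message delivery.

Added example, not PAJR's code. Field names, the guard and the sample
delivery record are constructed for this illustration.
"""
import json
import time
from typing import Any, Dict

# The only keys that may ever reach a log line (the page's "What We Log").
LOG_ALLOWLIST = ("timestamp", "device_id", "user_id", "direction", "status", "error")

# Keys that carry content or identity; a record holding any of these is a bug.
CONTENT_KEYS = frozenset({"subject", "body", "sender", "recipient", "transcript", "plaintext"})


class LogLeak(Exception):
    """Raised when a record about to be logged contains content fields."""


def build_log_record(delivery: Dict[str, Any]) -> Dict[str, Any]:
    """Select metadata by allow-list; sizes are logged as numbers, not as the data."""
    record = {key: delivery[key] for key in LOG_ALLOWLIST if key in delivery}
    if "ciphertext" in delivery:
        record["ciphertext_bytes"] = len(delivery["ciphertext"])
    record.setdefault("timestamp", int(time.time()))
    return record


def format_log_line(record: Dict[str, Any]) -> str:
    """Serialise for the log sink; refuse anything that slipped past the allow-list."""
    leaked = CONTENT_KEYS.intersection(record)
    if leaked:
        raise LogLeak(f"refusing to log content fields: {sorted(leaked)}")
    return json.dumps(record, sort_keys=True)


# Constructed sample: what a delivery worker holds right after the Gmail API call.
SAMPLE_DELIVERY = {
    "timestamp": 1_700_000_000,
    "device_id": "dev-7f3a",
    "user_id": "usr-19c2",
    "direction": "device->account",
    "status": "sent",
    "error": False,
    "ciphertext": b"\x00" * 1482,
    "subject": "Quarterly numbers",
    "sender": "alice@example.com",
    "recipient": "bob@example.com",
    "body": "Attached are the Q3 figures.",
}
```

The allow-list is the control; the CONTENT_KEYS check in format_log_line is a second line of defence for the case where someone later logs a dictionary that did not come from build_log_record. Free-text error messages are the usual way content leaks anyway, which is why the record carries an error flag rather than an exception string.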
Key Security
- Device-specific encryption keys
- One key per device, shared between that device and the backend
- Keys stored on the device and, encrypted, in backend storage
- Key rotation supported
- HTTPS/TLS for all API communications
- MQTT over TLS for device communication
🔍 Security Best Practices
Secure Development
- No hardcoded secrets
- Input validation throughout
- Error handling without data leakage
- Regular dependency updates
- End-to-end encryption architecture verified
Access Control
- User-based data isolation
- Device authentication
- Role-based access (when applicable)
- Session management
- Cryptographic data isolation
Data Handling
- Minimal data collection
- Purpose-limited data use
- End-to-end encrypted transmission
- Encrypted storage at rest
- Client-side encryption/decryption
We are committed to maintaining the highest levels of security and continuously improving our security posture.
🔐 Encryption Details
Encryption Algorithm
- AES-256-GCM (Galois/Counter Mode)
- 256-bit encryption keys
- 96-bit random nonce per encryption (a nonce must never repeat under one key, which bounds how many messages a single key may encrypt; key rotation keeps usage under that bound)
- Built-in authentication (GCM tag) rejects any modified ciphertext
- Standard, widely reviewed primitives
Key Derivation
- HKDF (HMAC-based key derivation, RFC 5869) for subkeys
- PBKDF2 for password-based keys (key backups)
- 100,000 iterations (PBKDF2)
- Unique subkey per data type, so a key for one data type cannot decrypt another
- Keys and nonces drawn from a cryptographically secure random generator
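The parameters above, and the password-unlocked key backup from the Key Management section, assembled into working code. This is an added example for this page, not PAJR's implementation: it keeps the stated primitives (AES-256-GCM, 96-bit random nonce, HKDF subkey per data type, PBKDF2 with 100,000 iterations), but the HKDF info label "pajr/v1/<type>", the blob layouts, and the function names are this example's own choices. It needs the `cryptography` package for AES-GCM; HKDF and PBKDF2 come from the standard library.

```python
"""AES-256-GCM with HKDF subkeys per data type and a PBKDF2-wrapped key backup.

Added example, not PAJR's code. Primitives and parameters follow the page;
the info label, blob layouts and names are assumptions. Needs `cryptography`.
"""
import hashlib
import hmac
import os

from cryptography.hazmat.primitives.ciphers.aead import AESGCM

NONCE_LEN = 12              # 96-bit nonce, as the page specifies
KEY_LEN = 32                # AES-256
SALT_LEN = 16
PBKDF2_ITERATIONS = 100_000


def hkdf_sha256(ikm: bytes, info: bytes, length: int = KEY_LEN, salt: bytes = b"") -> bytes:
    """RFC 5869 HKDF-SHA256: extract a PRK from ikm, then expand it with info."""
    prk = hmac.new(salt or bytes(hashlib.sha256().digest_size), ikm, hashlib.sha256).digest()
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), hashlib.sha256).digest()
        okm += block
        counter += 1
    return okm[:length]


def data_type_key(root_key: bytes, data_type: str) -> bytes:
    """One 256-bit subkey per data type, so the transcript key never opens email."""
    return hkdf_sha256(root_key, b"pajr/v1/" + data_type.encode())  # label is an assumption


def encrypt(root_key: bytes, data_type: str, plaintext: bytes) -> bytes:
    """Return nonce || ciphertext || tag; the data type is bound as AAD and in the key."""
    nonce = os.urandom(NONCE_LEN)  # fresh random nonce per call; never reuse under one key
    aead = AESGCM(data_type_key(root_key, data_type))
    return nonce + aead.encrypt(nonce, plaintext, data_type.encode())


def decrypt(root_key: bytes, data_type: str, blob: bytes) -> bytes:
    """Raises cryptography.exceptions.InvalidTag on tampering or a wrong data type."""
    nonce, ciphertext = blob[:NONCE_LEN], blob[NONCE_LEN:]
    aead = AESGCM(data_type_key(root_key, data_type))
    return aead.decrypt(nonce, ciphertext, data_type.encode())


def wrap_root_key(root_key: bytes, password: str) -> bytes:
    """Password-protected backup: salt || nonce || AES-GCM(KEK, root_key)."""
    salt = os.urandom(SALT_LEN)
    kek = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS, dklen=KEY_LEN)
    nonce = os.urandom(NONCE_LEN)
    return salt + nonce + AESGCM(kek).encrypt(nonce, root_key, b"key-backup")


def unwrap_root_key(blob: bytes, password: str) -> bytes:
    """Recover the root key; a wrong password fails the GCM tag instead of yielding garbage."""
    salt = blob[:SALT_LEN]
    nonce = blob[SALT_LEN:SALT_LEN + NONCE_LEN]
    ciphertext = blob[SALT_LEN + NONCE_LEN:]
    kek = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, PBKDF2_ITERATIONS, dklen=KEY_LEN)
    return AESGCM(kek).decrypt(nonce, ciphertext, b"key-backup")
```

Two details are worth checking in any real implementation of this scheme: that the data type is bound both in the derived key and as associated data, so a blob stored as "transcript" cannot be replayed as "email" even if the subkeys were ever confused; and that decryption failures surface as a single InvalidTag error, with nothing about the plaintext ever returned, because GCM verifies the tag before releasing any output.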
Data Types Encrypted
- Email content (subject, body)
- Voice recordings
- Transcriptions
- Messages
- OAuth tokens
- Device credentials
- Personal notes
Verification
- Open-source encryption libraries
- Client-side code reviewable
- Cryptographic guarantees
- Third-party security audits
- Transparent architecture