Trust & Security
Know When I Go
Your privacy is not a feature — it's the foundation of our service.
Know When I Go is built on a simple principle:
Your data is yours. Encrypted. Isolated. Protected. Always.
This page explains, in plain English, how we keep your information safe and how you stay in control at every step.
Our Privacy Promise
We commit to the highest standards of data protection:
- •We only collect the minimum information needed to provide the service
- •We never sell or share your data with advertisers
- •Your data is encrypted at all times
- •Only you can access your content — not our staff, not third parties
- •You can delete your data at any time
- •We operate a zero-access architecture
- •We are registered with the ICO and follow UK GDPR principles
How We Protect Your Data
We combine modern encryption, strict access controls, and industry-grade infrastructure to keep your information secure.
Encryption
- In transit: TLS 1.2+
- At rest: AES-256
- Passwords: Bcrypt hashing with salts
Zero-Access Architecture
Your content is encrypted and isolated. Our team cannot view your notes, entries, or personal information.
Row Level Security (RLS)
Every record is locked to your user ID. Even if someone gained access to the database, they would only see encrypted, isolated fragments.
Backups
- Encrypted daily backups
- Stored in secure AWS regions
- Retained only for operational continuity
Our Infrastructure
Know When I Go is built on trusted, globally recognised platforms:
Amazon Web Services (AWS)
- ISO 27001
- SOC 2 Type II
- GDPR-compliant UK/EU regions
Supabase
- Secure Postgres database
- Built-in RLS
- Encrypted storage
- SOC 2 Type II certified
Vercel
- Secure hosting
- Edge network protection
- Automatic HTTPS
We only use providers that meet strict security and compliance standards.
What We Collect — and Why
We believe in data minimisation.
| Data Type | Purpose | Notes |
|---|---|---|
| Account email | Login & verification | Never shared or sold |
| Password | Secure authentication | Bcrypt hashed |
| User-created content | Core service functionality | Encrypted, zero-access |
| Device/IP metadata | Security & fraud prevention | Retained briefly |
| Cookies | Essential site functionality | No advertising cookies |
We do not collect unnecessary personal information.
Data Retention
We keep your data only for as long as you use the service.
| Data Type | Retention | Reason |
|---|---|---|
| Account data | While your account is active | Service delivery |
| User content | Until you delete it | Core functionality |
| Backups | 30 days | Disaster recovery |
| Logs | 30–90 days | Security monitoring |
You can delete your account and all associated data at any time.
Your Controls
You are always in control of your information.
- ✓Download your data
- ✓Delete your data
- ✓Delete your entire account
- ✓Withdraw consent
- ✓Request corrections
We respond to all data requests promptly and transparently.
Third-Party Processors
We only work with trusted, security-certified providers.
| Provider | Purpose | Location |
|---|---|---|
| AWS | Hosting & storage | UK/EU |
| Supabase | Database & auth | EU |
| Vercel | Front-end hosting | EU/Global |
| Email provider | Transactional emails | EU/UK |
| Analytics (if used) | Performance only | No personal data |
We never share your data with advertisers or social platforms.
Responsible Disclosure
We welcome security researchers who help keep our platform safe.
If you believe you've found a vulnerability, contact us at: security@knowwhenigo.co.uk
We will investigate promptly and keep you informed throughout the process.
Annual Data Protection Statement
Each year we publish a short summary of:
- Improvements made
- Audits completed
- Security enhancements
- Planned upgrades
- Incident status (we aim for zero incidents)
This demonstrates our commitment to continuous improvement.
Certifications & Compliance
- ICO registered
- UK GDPR compliant
- Built on ISO 27001 & SOC 2 Type II certified infrastructure
- Cyber Essentials (in progress)
Our Commitment to You
We treat your data with the same care we'd expect for our own. Security isn't something we bolt on — it's built into every layer of Know When I Go.
If you ever have questions about how we protect your information, we're here to help: privacy@knowwhenigo.co.uk