Your Family's Data is
Safer Than Fort Knox
We protect your children's information with military-grade encryption, continuous monitoring, and strict compliance with international privacy laws. Because your trust is everything.
0
Data Breaches Ever
100%
Tables with RLS
< 4hrs
Incident Response
99.9%
Uptime Guarantee
SOC 2 Type II
Via Supabase
GDPR Compliant
EU Standards
COPPA Compliant
US Standards
DPA 2018
UK Standards
Multiple Layers Working Together
To Keep You Safe
We don't rely on just one security measure. Your data is protected by 7 different layers of security, all working together 24/7.
Military-Grade Encryption
AES-256 encryption protects your data
All your family's information is encrypted with the same technology used by banks and governments. Your data is scrambled into unreadable code both when stored and when being transmitted.
- AES-256 encryption at rest
- TLS 1.3 encryption in transit
- Encrypted backups
- Zero-knowledge architecture for child PINs
Row Level Security
Your private family room in our database
Think of it as having your own locked room that only your family can enter. Every piece of data is tagged with your family ID, and the database automatically ensures no other family can ever access it.
- Automatic family-level isolation
- Database-level access control
- Zero cross-family data leakage
- Protected even if app is compromised
Smart Authentication
Multiple ways to keep accounts secure
We verify everyone is who they say they are. Parents use secure magic-link authentication, children use fun emoji PINs, and family members get invitation-only access with specific permissions you control.
- Secure magic-link authentication
- Child-friendly emoji PIN system
- Invitation-only family member access
- Automatic session timeouts
COPPA & GDPR Compliant
Following strict international privacy laws
We don't just meet legal requirements — we exceed them. Your children's data is protected under UK DPA 2018, EU GDPR, and US COPPA laws, with enhanced protections built in.
- UK DPA 2018 compliant (age 16+)
- US COPPA compliant (age 13+)
- EU GDPR full compliance
- No advertising to children
24/7 Security Monitoring
Constant vigilance for your protection
Our systems never sleep. We continuously monitor for suspicious activity, unauthorized access attempts, and potential security threats, with automatic blocking of known threats.
- Real-time threat detection
- Automated security alerts
- Failed login attempt blocking
- Suspicious activity monitoring
Automated Backups
Your data is safe even if disaster strikes
We back up all your data daily to multiple secure locations. Even in the worst-case scenario, your family's information is protected and recoverable.
- Daily automated backups
- Multi-region storage
- Encrypted backup files
- 30-day backup retention
You're In Complete Control
Of Your Data
Your data belongs to YOU, not us. You have full control and can exercise your rights at any time.
Right to Access
View all data we have about your family anytime.
Export your data instantly
Right to Portability
Download everything in a portable format.
Get your data in JSON format
Right to Deletion
Delete your account and all data permanently.
Complete deletion in 30 days
Right to Correction
Fix any incorrect information we hold.
Edit data anytime
What Happens If You Delete Your Account?
When you delete your account, ALL your data is permanently deleted within 30 days. This includes backups. This action cannot be undone.
We may keep minimal transaction records for legal/tax requirements, but without personal details.
What Data We Collect
(And Why)
We believe in complete transparency. Here's exactly what we collect, in plain English.
Account Information
- Email address
- Name
- Secure password (encrypted)
→ To create and maintain your account
Child Information
- Name and age
- Developmental information
- Health passport data (optional)
→ To personalise their experience
Usage Data
- Feature usage
- Session times
- Error logs
→ To improve the app and fix bugs
Never Collected
- Precise GPS location
- Contact lists
- Microphone/camera (unless you grant permission)
→ We respect your privacy
What We NEVER Do
- Never sell your data
- Never advertise to children
- Never share with third parties
- Never use for marketing
Extra Protection for Children
Children's data gets special treatment with additional security layers, parental controls, and strict legal compliance.
Encrypted PINs
Child PINs are never stored as plain text — always encrypted with a zero-knowledge approach.
Parent Oversight
Full parental control and monitoring. Parents approve access and can review all activity.
No Tracking
Zero behavioural tracking for advertising. We never profile children or build advertising audiences.
Built on Trusted,
Certified Infrastructure
Supabase
SOC 2 Type II certified database infrastructure
Vercel
Enterprise-grade hosting with edge security
Stripe
PCI DSS Level 1 payment processing
Common Security Questions
Can WeaveONE staff see my data?
Only with your explicit permission when you request support. Our staff cannot browse user data.
What if there's a data breach?
We'll notify you within 72 hours, explain what happened, and provide steps to protect yourself. We have zero breaches to date.
Can I export my data?
Yes! Contact us at privacy@weaveone.co.uk to request a complete data export. You'll receive it in JSON format within 24 hours.
How long do you keep my data?
As long as your account is active. After deletion, all data is permanently removed within 30 days, including backups.
Security Contact
For security concerns, vulnerability reports, or data-related enquiries, please contact our team:
Email: privacy@weaveone.co.uk
Company: WEAVEONE LIMITED
Address: 71-75 Shelton Street, Covent Garden, London, WC2H 9JQ
Company Number: 17111255
Your Family's Data Deserves
The Best Protection
Join families who trust WeaveONE to keep their children's information safe. GDPR compliant, UK-registered, and built from the ground up for neurodivergent families.
UK-registered · GDPR & DPA 2018 compliant · Company No. 17111255