ChronoMe
Sign inCreate account

Security at ChronoMe

We build ChronoMe with privacy, controlled sharing, and secure operations in mind. This page explains core technical safeguards in plain language.

Core security principles

We at ChronoMe:

  • Keep access limited and explicit.
  • Protect data in transit and at rest through standard platform safeguards.
  • Let users control sharing through profile, consent, and disclosure settings.
  • Keep sensitive operations auditable and reversible where possible.

Infrastructure and hosting model

ChronoMe runs on managed cloud infrastructure. We use established provider controls for physical security, platform monitoring, and service continuity, while our application layer enforces product-specific permissions and sharing rules.

Infrastructure security is managed at provider-level. ChronoMe secures application logic.

Data protection in transit and storage

Network communication with ChronoMe services is protected through HTTPS/TLS. Stored data is handled on managed storage infrastructure with platform safeguards and access controls.

No system can claim to be free of any risk. Our strategy: "Defense in depth" is a comprehensive, layered cybersecurity strategy that uses multiple, redundant, and complementary security controls to protect data and assets. By layering defenses—physical, network, application, and data—the approach ensures that if one security layer fails, others are in place to stop threats.

Access controls

ChronoMe applies account-based authorization checks across API operations. Sensitive actions are tied to ownership and permission scope, and unauthorized operations are rejected.

Protected media access uses time-limited signed URLs so files are not exposed as permanently public resources by default.

Conversation consent and training control

Conversation experiences include explicit consent handling and training toggles. Users can control whether session data is used for learning behavior according to flow-specific rules.

For direct human conversations, training-related behavior requires bilateral consent handling in the product flow.

Relationship-aware disclosure controls

ChronoMe supports person-level disclosure policies so users can define what categories of information may be shared with specific people.

Disclosure categories help separate public profile information from more sensitive areas such as private memories or relationship conflicts.

Kid safety and approval flows

Kid-related account actions include parent-approval logic in contact and interaction workflows, reducing uncontrolled access pathways.

Data lifecycle controls

ChronoMe includes user-facing flows for account cancellation and data export requests. These controls support transparency and user-directed data lifecycle actions.

When export is requested, archive generation and access are controlled through authenticated flows and bounded download behavior.

Operational security practices

We use structured deployment and monitoring practices, incident handling procedures, and regular operational reviews to keep platform behavior stable and secure.

Platform integration security posture

ChronoMe integrates infrastructure and AI/video services through controlled API boundaries. We apply a privacy-first product model on top of these services, with explicit permissions, consent controls, and auditable user-facing flows.

Scope and updates

Security practices evolve. We update this page as platform controls and architecture change. For legal rights and obligations, refer to Terms and Privacy pages.