Security
A plain-language description of how Sovereign HNI handles your data and what the platform deliberately cannot do.
Encryption in transit
Every connection to sovereignhni.com is forced over HTTPS with HSTS (max-age=63072000), which means browsers refuse to ever talk to the domain over plain HTTP. Backend API calls between the frontend and the FastAPI server use the same TLS-protected channel.
Encryption at rest
Application data lives in a Postgres database hosted on Supabase, which encrypts storage at rest by default. Backups are encrypted on the same infrastructure. Sovereign HNI does not store your data anywhere else.
Authentication
Authentication is handled by Supabase Auth. We support email + password and OAuth providers (Google, Apple, GitHub). Sessions are short-lived JWTs verified on every backend request — both HS256 (legacy projects) and ES256 via JWKS (current projects) are supported. Tokens are never logged, and they are not stored server-side beyond what verification requires.
Data isolation
Every row in every table is keyed by user_id. The backend validates the JWT on every request and only ever queries rows belonging to the authenticated user. There is no shared workspace, no admin panel that can read user data, and no internal team-wide access.
Exchange and broker integrations
All exchange and brokerage integrations are read-only. We request the minimum permission scope that lets us see balances and positions. We explicitly do not request withdrawal, transfer, or trading permissions. Even if our infrastructure were compromised, an attacker could not move your funds through any connected account because Sovereign HNI does not have that ability.
API keys are stored encrypted in the database. They are only decrypted in memory during a sync run and are never written to logs.
Third-party services we use
- Supabase — Postgres database and authentication
- Vercel — frontend hosting and edge CDN
- Render — backend FastAPI hosting
- CoinGecko — crypto price data (no user data sent)
- yfinance — equity price data (no user data sent)
- Anthropic — AI chat over your portfolio (only the data you ask about is sent, and only at the moment you ask)
- Stripe (when paid tiers launch) — payment processing; card details never touch our servers
What we deliberately do not do
- We do not sell user data. Ever. To anyone. For any reason.
- We do not use your data to train AI models — ours or anyone else's.
- We do not run marketing or advertising trackers on the dashboard.
- We do not store exchange withdrawal credentials or any keys with write scope.
- We do not have a backdoor that lets staff read your data.
HTTP security headers
The frontend sets the following headers on every response:
- Strict-Transport-Security with a 2-year max-age
- X-Content-Type-Options: nosniff
- Referrer-Policy: strict-origin-when-cross-origin
- X-Frame-Options: DENY (the dashboard cannot be embedded in an iframe by another site)
- Permissions-Policy denying camera, microphone, geolocation, and FLoC
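The header list above can be checked mechanically against a response. The following is an added example, not Sovereign HNI's own code; the function name, the sample responses, and the exact Permissions-Policy directive spellings (including interest-cohort for FLoC) are assumptions.

```python
import re

# Policy values come from the header list above; the Permissions-Policy
# directive spellings (interest-cohort for FLoC) are assumptions.
MIN_HSTS_MAX_AGE = 63072000  # 2 years in seconds
DENIED = ("camera", "microphone", "geolocation", "interest-cohort")
EXACT = {"x-content-type-options": "nosniff",
         "referrer-policy": "strict-origin-when-cross-origin",
         "x-frame-options": "deny"}

def audit_headers(headers):
    """Return a list of findings; an empty list means the policy is met."""
    h = {k.strip().lower(): v.strip() for k, v in headers.items()}
    findings = []
    hsts = h.get("strict-transport-security")
    m = re.search(r'(?:^|;)\s*max-age\s*=\s*"?(\d+)', hsts or "", re.I)
    if hsts is None:
        findings.append("strict-transport-security: missing")
    elif not m or int(m.group(1)) < MIN_HSTS_MAX_AGE:
        findings.append("strict-transport-security: max-age below 2 years")
    for name, want in EXACT.items():
        got = h.get(name)
        if got is None:
            findings.append(f"{name}: missing")
        elif got.lower() != want:
            findings.append(f"{name}: expected {want}, got {got}")
    pp = h.get("permissions-policy")
    if pp is None:
        findings.append("permissions-policy: missing")
    else:
        # "camera=(), microphone=(self)" -> {"camera": "()", "microphone": "(self)"}
        pairs = (p.split("=", 1) for p in pp.split(",") if "=" in p)
        policy = {k.strip().lower(): v.strip() for k, v in pairs}
        for feat in DENIED:
            if policy.get(feat) != "()":  # anything but an empty allowlist
                findings.append(f"permissions-policy: {feat} not denied")
    return findings
# Constructed sample responses, not captured from the live site.
GOOD = {
    "Strict-Transport-Security": "max-age=63072000",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin-when-cross-origin",
    "X-Frame-Options": "DENY",
    "Permissions-Policy": "camera=(), microphone=(), geolocation=(), interest-cohort=()",
}
WEAK = {**GOOD, "Strict-Transport-Security": "max-age=300",
        "X-Frame-Options": "SAMEORIGIN",
        "Permissions-Policy": "camera=(), microphone=(self), geolocation=()"}
del WEAK["Referrer-Policy"]
```

Run in CI or a deploy smoke test, a non-empty result from audit_headers flags a regression in the published header policy before it reaches users.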
Reporting a vulnerability
If you believe you've found a security issue, please email security@sovereignhni.com with a description and reproduction steps. We will respond within 72 hours and work with you on a coordinated disclosure timeline.