Security

Data protection

FlyCurrent runs on a managed Postgres database with row-level security (RLS) enforcing that users can only access data they are authorized to see. Traffic is encrypted in transit (HTTPS/TLS) and data is encrypted at rest by our hosting provider.

Access control

We follow least-privilege access. Privileged database functions run with pinned search paths and scoped grants. Profile data exposed to the public is limited to the fields you choose to publish.

Research pseudonymization

Aggregate and research datasets pseudonymize user identifiers so individual users are not directly identifiable in analytics.

Responsible disclosure

Found a vulnerability? Please email security@flycurrent.ai and allow us reasonable time to remediate before public disclosure.

[DRAFT — formal security commitments, certifications, and SLAs to be finalized.]