Security & privacy
Your story stays yours.
You're trusting us with the most personal book you'll ever write. Here's exactly how we earn — and keep — that trust.
Encrypted everywhere
TLS 1.2+ in transit, AES-256 at rest. Audio, photos, and transcripts all sit in private storage buckets — nothing is publicly addressable.
Row-level isolation
Every database query is gated by a policy that proves you own the row before a single byte is returned. Even our own application code can't read another user's project.
Strong sign-in
Passwords are bcrypt-hashed and screened against the Have I Been Pwned breach database. Suspicious sessions can be revoked instantly with one click.
We don't read your stories
Your content is never reviewed for ads, never sold, and never used to train AI models. Period.
Always exportable
Download a complete JSON of everything you've written, any time. Your memoir is portable — you're never locked in.
Truly deletable
Delete your account and we hard-delete every chapter, every recording, every photo. No soft delete, no shadow copy.
What contributors can see
When you invite a friend or family member to answer a prompt, they receive a unique link that opens only the questions you sent them. They never see the rest of your book, your other contributors, or any other content in your project.
Reporting a vulnerability
If you believe you've found a security issue, please email support@youronestory.com. We respond within 48 hours and credit responsible disclosure.
Story To Book is operated by jbai, LLC · Hawaii, USA.